Job Purpose
The Principal Engineer is an experienced L4 Forensic Analyst. They work during normal business hours and are responsible for investigating and managing the most complex incidents. To operate at this level, an engineer should have a strong forensics background in reverse engineering malware, conducting host forensics, or performing network forensics. They are responsible for investigating data breaches, critical security incidents, and potential cyber-criminal activity.
Job Outline:
- Performs advanced analysis of adversary tradecraft, malicious code, and Advanced Persistent Threat capabilities.
- Analyses computer, communication, and network security events and exploits to determine security vulnerabilities, including recommendations for remedial actions.
- Conducts forensic, malicious code, and packet-level analysis to develop comprehensive technical reports that step through the complete reverse engineering of an incident.
- Recommends countermeasures based on the identified techniques, tactics, procedures, and behaviour patterns used by adversaries.
- Utilizes a range of specialised methods and techniques to retrieve and analyse data linked to a range of criminal activity, such as network intrusions, hacking, online fraud, political, industrial and commercial espionage, terrorist communication, theft of confidential information, and the use of illegal images.
- Coordinates incident drills (purple teaming), develops alert criteria (use-cases), and contributes to the development, writing, and review of SOPs to improve incident response capabilities.
- Leads the management of critical incidents, including coordination of investigation and management activities with both internal and external parties, and supports the CSOC Manager through incident escalation and crisis management.
Qualifications & Experience
Information Technology: Other
Degree or Honours (12+3 or equivalent):
A degree in Computer Science, Information Systems, Engineering, Telecommunications, or another related scientific or technical discipline is desired. Four (4) additional years of general experience (as below) may be substituted for the degree.
- Certifications desired: Offensive Security Certified Expert (OSCE), GIAC Certified Reverse Engineering Malware (GREM), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Network Forensics Analyst (GNFA), EnCase Certified Examiner (EnCE).
- General experience: 5-7 years of experience in advanced technical analysis with increasing responsibilities. Demonstrated oral and written communication skills.
- Good working knowledge of cyber threat analytics.
- Previous experience working in cross-functional and interdisciplinary project teams to achieve tactical and strategic objectives.
- Proven ability to document and teach team members how to apply advanced analytic techniques to solve complex problems.
- Solid understanding of enterprise IT cybersecurity operational environments.
Experience: Overall 8+ years in network security with a focus on computer forensics, static code reverse engineering, and advanced (packet) network analysis. Static code reverse engineering experience can be substituted by experience in a similar skill, such as computer forensics, network analysis, mobile device forensics related to malicious code, network flow analysis, or another comparable skill.
- Experience analysing emerging technologies for potential attack vectors and developing mitigation strategies.
- Ability to evaluate offensive and intelligence-based threat actors based on motivation and common TTPs.
- Experience gathering open-source and controlled intelligence to develop a predictive understanding of adversarial strategies, priorities, and overlapping interests.
- Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools.
- Experience in technical writing such as Event Bulletins, Cyber Digests, and Quarterly Summary Reports.
Leadership Role: No