SOC Incident Response Specialist
At CyberScope Equipment we're looking for a SOC Incident Response Specialist to join our team.
About CyberScope
CyberScope is a multinational security system integrator that delivers Managed Detection and Response (MDR) services via a 24×7 SOC-as-a-service model.
The job
The Incident Response Specialist will join our team and the role includes:
– Develop end-customers’ Incident Response (IR) readiness and remediation plans.
– Be available, ready, and able to accept incoming calls.
– 24x7x365 on-call duty is part of the IR job.
– Respond in a timely manner (within documented SLA) to support IR.
– Plan, develop, and test new technical solutions and processes.
– Propose enhancements to tools and workflows.
– Provide training to L1 and L2 Analysts.
We are looking for dynamic candidates who are passionate about becoming cyber experts: positive, service-oriented, diligent self-learners with strong problem-solving skills, ambition, and a team-player mindset.
Required Skills:
– Must have a minimum English level >B1 (verbal, reading and writing skills).
– At least 5 years of practical cyber security experience.
– Experience in corporate Windows environments (Active Directory).
– Responding to and managing cyber incidents (Firewalls/Routers/SIEM/EDR).
– Experience analyzing network traffic and events (e.g., PCAP, event trees).
– Experience with common security tools and services (EDR, MISP, YARA, Sigma).
– Developing/preparing Risk Assessments (e.g., covering AD/FW).
– Developing/preparing Playbooks.
– Presenting our SOC services and Incident response expertise and cases to potential clients.
– At least 3 years of practical Incident Response experience.
– Act as lead in IR engagements with clients, coordinating activities to deliver professional, experienced IR.
– Deliver IR processes according to best practices & be capable of driving the process in clients’ engagements.
– Conduct highly technical examinations, analysis and reporting of computer-based evidence related to security incidents (intrusion artifacts/IOCs) or investigations.
– Effective and secure handling of digital evidence and matter confidentiality.
– Ability to analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
– Document incidents from initial detection through final resolution.
– Coordinate with other information security specialists to correlate threat assessment data.
Preferred Skills:
– Experience working with CrowdStrike or similar EDR/XDR tools.
– Tool agnostic with an emphasis on knowing the forensic artifacts themselves versus relying on tool output.
– Understanding of how to pivot across multiple datasets to correlate artifacts for a single security event.
– Ability to triage and analyze malware dynamically within a virtual environment to quickly gain a set of IOCs during an IR engagement.
– Experience identifying host anomalies via Windows Event logs, SysInternals Sysmon, Process Explorer/Monitor, Autoruns, etc.
Opportunity
We offer the opportunity to enjoy a friendly working environment and build a promising cyber career:
– Extensive training in cyber security on superior integrated technologies.
– Direct impact on the business, with an important role where you will be able to grow professionally.
– Working with a dynamic team of highly qualified international professionals.
– Competitive salary and long-term contract.