Vice President - Digital Forensics and Incident Response Manager
- Analyse, develop and refine security monitoring controls, practices and use-cases to detect anomalies and incidents across the applications and infrastructure estate.
- Monitor activity upon specified information systems and devices. Identify and report suspicious, improper, malicious or harmful activity. To include regular and ad-hoc reporting.
- Undertake complex IR investigations into specific threats or security incidents both internal and external.
- Identification, escalation and reporting of security incidents and breaches. Coordination of responses to these breaches, assessing their impact and improving the overall Incident Response process.
- Experience in incident investigation and analysis of network and host-based artifacts.
- Experience with IR and forensics tools and packet inspection tools.
- Work alongside the company's independent penetration testing program.
- Work closely with other technical and business departments to mitigate security/cyber risk:
- Implement SOPs and refine processes.
- Identify potential security threats and risks that may need review.
- Assist in risk assessment/acceptance/remediation processes
- Develop and mature the Incident Response and Threat hunting capabilities.
- Implementation of Incident Response frameworks/methodologies such as Kill Chain, MITRE, Threat Modelling, Diamond Model.
- Development of Threat Intelligence capabilities and integration of such controls with the security monitoring framework.
- Development of security monitoring use cases and implementation of custom IOCs within the controls to detect suspicious and unusual traffic.
- Development of Vulnerability Management program within the organisation.
- Provide support to the IR practices such as IR investigations and forensics procedures/processes.
- Providing subject matter expertise in Cyber Security as needed.
- Contribute to the design and delivery of security monitoring and control effectiveness reporting measures.
- Availability to cover anywhere from 7am to 7pm on all business days noting that ad-hoc cover outside of the normal work day may sometimes be needed.
- Incident Response leadership skills. Relevant experience in managing, overseeing and coordinating Incident Response and Security Monitoring;
- Relevant experience in working with threat modelling frameworks.
- Experience in finding, analysing, and extracting attack related payload from packet captures and host forensics images.
- Experience in a banking, investment banking or investment management environment;
- Experience in leading a team of DFIR analysts.
- Experience working with Cyber Security and Incident Response frameworks such as NIST, Kill Chain, Attack Life Cycle and MITRE.
- Relevant experience with MITRE ATT&CK alignment of security monitoring use cases.
- Relevant experience with cloud security assessments aligning it to industry standard benchmarking such as CIS.
- Minimum of 3 years of experience in managing and leading DFIR team.
- Proven track record for managing high impact cyber security incidents.
- In depth knowledge of a broad spectrum of security technologies incorporating network, operating system and application security;
- Working knowledge over a range of operating systems and platforms including: Windows Server, Windows XP, UNIX (Solaris, Linux), Stratus;
- Working knowledge of networks: LAN, WAN, routers (Cisco), switches (Cisco), Firewalls, remote access solutions, VPNs;
- Coordinate with other security functions (SOC, Threat Intelligence and Red/Blue team)
- Experience in managing and running Threat hunting initiatives including developing Threat intelligence governance framework.
- In-depth experience with SIEM tools with a strategic oversight on appropriate use case methodologies. Implementation of robust security monitoring use cases and Threat hunting capabilities.
- Incident Response experience with forensics capabilities. Experience with packet analysis in Wireshark or any other network protocol analyser, including hands-on experience with IR tools.
- Experience with advanced threat detection, IAM solutions and DLP is preferred.
- Working knowledge of security products: network based intrusion prevention systems, vulnerability assessment and compliance monitoring solutions, content management tools.
- Strong knowledge on Vulnerability Management, with proven record of Remediation plans to reduce the threats and risk to Information Assets.
- Understanding of VMware technology stack.
- Full understanding of CIS security standards, assessment of the builds to ensure the alignment with CIS benchmarking and working with business to achieve the target state.
- Knowledge of SSL inspection and encryption methods.