Cyber Security Incident Responder

Cyber Security Incident Responder 

The Security Operations Centre (SOC) houses the cyber security team responsible for monitoring and analysing an organisation’s security posture on an ongoing basis. The SOC team’s goal is to provide 24x7x365 capabilities to detect, analyse, and respond to cybersecurity incidents using a combination of technology solutions and a strong set of processes.

The Cyber Security Incident Responder will work with existing skilled IT Security staff, responding to cyber security threats in as near real-time as possible. An up to date understanding of relevant IT networks, security standards, authentication protocols, and security related hardware and software within the organisation is vital.

• Administer and optimize Microsoft Defender for Endpoint and Defender for Cloud configurations to ensure consistent security baselines across on-premises and cloud environments.

• Implement and maintain Microsoft Purview configuration policies to support data governance, compliance, and information protection strategies.

• Collaborate with IT, legal, compliance, and other key stakeholders to align configuration management practices with organizational policies and regulatory requirements.

• Coordinate with Key stakeholders to conduct investigations of cyber incidents or other security incidents utilising various tools and sources to reverse engineer malware and identify attack vectors to provide an accurate account.

• Conduct regular reviews of Defender and Purview configurations to identify misconfigurations, enforce best practices, and mitigate security risks.

• Intelligence driven investigative analysis, Define and coordinate cyber incident response testing to assess capabilities and breach preparedness

• Creation and maintenance of forensic and incident management policies that govern the handling of incidents

• Conduct research on the latest threats and the latest technological advancements in combating unauthorized access to information

• Perform threat hunting within the corporate environments to detect historic or active malicious/unauthorised activity

• Publish official reports and executive summaries for all major cyber incidents

• Identify and create appropriate controls within the SIEM and other security solution to prevent and detect security incidents

• Develop innovative monitoring and detection solutions using tools and advanced scripting

• Engages with other internal and external parties to get and share information to improve processes and security posture

• Carry detailed forensic analysis during a major incident response. 

• Support the wider analyst team with deeper analysis of complex security events and incidents.

• Passionate and Professional security mind set 

• Strong customer service skills to follow-up with clients and handle escalations

• Capability to ensure confidentiality and discretion in performing sensitive tasks 

• Possesses an understanding of cyber-attack techniques, vulnerabilities, and countermeasures

• Technical knowledge of Information Technology and Cyber Security standards 

• Expert knowledge of SIEM platforms, IT Forensics and real-time endpoint inspection tools

• Previous experience in handling Incident Response and Forensic analysis

• Understanding of MITRE ATT&CK framework

• Simulation of active exploits and detection

• Strong understanding of SIEM and UEBA

• Strong knowledge of scripting languages such as Python, Powershell.

• Working knowledge of cloud technologies

• Working knowledge on Forensics tools such as Encase, Sleuth kit, Redline & FTK Imager 

• 3-4 years of experience in the information security field

• 2+ years of experience in incident handling

• 1+ year of experience in forensic

• Education: Bachelor's Degree or equivalent preferably 

• English: fluent

Job schedule: Business Hours Monday-Friday (On Call)

We are committed to creating an inclusive and supportive work environment. If you require any reasonable adjustments during the application or interview process, please let us know, and we will work with you to meet your needs 
#eirforall