Cyber Security Incident Response Lead
RealTime are looking for a Senior Cyber Security Incident Response Team Lead to develop an incident management framework. You will educate and train on the execution of the framework to resolve active incidents.
What you get
- Market leading salary
- Training and development
- Health insurance
- 5 years of experience in the information security field & SIEM deployment
- Working knowledge of SIEM, SOAR, Firewalls, WAF and Proxy
- Experience with vulnerability tools, threat management, data loss prevention, dark web monitoring.
- Experience in an MSSP environment
- Network IDS/IPS, Host IDS/IPS, Network Firewall, Host Firewall, Web Application Firewall, EDR, AV, DLP, Identity & Access Management, Web Proxy, Email Security
- GCFA, GCFE, GCIH
- Take command of incidents by managing a cross-functional technical bridge call
- Work with the detection and monitoring team to develop security processes
- Tier three analysis: host forensics, network forensics, log analysis, malware..
- Forensic investigations
- Incident response: analysis, reporting, scanning, troubleshooting..
- Continuous improvement to technology, identifying threats and vulnerabilities
- Communicate effectively with all levels of an organisation
- Experience in a technical customer service/technical support environment
- SIEM, UEBA, MITRE ATT&CK matrices, kill chains and other attack models.
- Scripting: Python, PowerShell..
- Working knowledge of cloud technologies, Windows infrastructure & networking.
- Experience integrating endpoint security and host-based intrusion detection solutions