A leading cyber technology and services firm, renowned for delivering top-tier consulting and incident response services to organizations worldwide, is seeking a Principal Incident Responder. We collaborate with leading organizations, including Fortune 100 companies, to bolster their cyber resilience and address cyber threats. We are a trusted partner to IT and security teams, senior management, and boards globally.
Our team consists of exceptional talents from elite military technology units and the cyber industry. We harness technological expertise, digital combat experience, data analytics, and a business-oriented approach to empower organizations in the face of cyber threats.
Job Overview
As cyber threats become increasingly complex and frequent, the role of a Principal Incident Responder is critical. You will lead efforts to detect, analyze, and respond to sophisticated cyber threats, helping to protect our clients' operations and reputation. You will conduct detailed forensic analysis, investigate cyber incidents, and work closely with client IT and security teams, often on-site.
Main Responsibilities
- Lead forensic and incident response investigations, including large-scale and sophisticated attacks.
- Perform log analysis, host and network-based forensics, and malware analysis.
- Actively hunt for targeted attacks and emerging threats within client networks.
- Identify indicators of compromise (IOCs) and tools, tactics, and procedures (TTPs) to assess breaches.
- Develop and improve tools and methodologies for investigations and threat hunting.
- Collaborate with client IT and security teams during investigations.
- Generate and present detailed and professional reports on investigation findings.
Main Requirements
- At least 3 years of relevant experience in military service and/or industry.
- Bright, curious, and determined team player striving for excellence.
- Strong problem-solving skills and a deep thinker with a growth mindset.
- Demonstrated understanding of the lifecycle of advanced security threats, attack vectors, and exploitation methods.
- Deep technical knowledge of network fundamentals and common internet protocols.
- Solid understanding of system and security controls on at least two OSs (Windows, Linux/Unix, macOS), including host-based forensics and analysis of OS artifacts.
- Proficiency in one or more scripting languages (e.g., Python).
- Multidisciplinary knowledge and competencies, including:
  - Hands-on experience in data analysis, preferably network traffic or log analysis, using platforms such as Jupyter, Splunk, pandas, and SQL.
  - Familiarity with cloud infrastructure, web applications, servers, and mobile platforms (Android and iOS).
  - Experience with malware analysis and reverse engineering.
  - Familiarity with enterprise SIEM platforms (e.g., Splunk, QRadar, ArcSight).
- Excellent communication and interpersonal skills. Fluent in English, with the ability to document and explain technical information clearly and concisely.
Join us in a pivotal role where your expertise in incident response will make a significant impact on the cyber security landscape.