Client Overview: Our client is a leading cybersecurity service provider committed to delivering rapid and effective incident response capabilities. They are building out their core team to ensure clients receive immediate and expert assistance during critical security events. We are searching for a dedicated Incident Response Specialist to be a crucial part of this mission-critical function.
The Opportunity: As a Remote Incident Response Specialist, you will be on the front lines of cyber defense, leading and supporting the full lifecycle of security incidents – from initial detection and analysis through to containment, eradication, recovery, and comprehensive post-incident review. Your ability to act decisively and strategically will minimize impact and enhance organizational resilience.
Key Responsibilities Include:
- Responding swiftly to cybersecurity incidents, including data breaches, malware infections, and unauthorized access attempts.
- Performing in-depth digital forensics on compromised systems to determine root cause and gather critical evidence.
- Leveraging SIEM, EDR, and other advanced security tools for effective incident detection, analysis, and threat hunting.
- Developing, refining, and implementing incident response playbooks and procedures.
- Communicating clearly and effectively with internal teams and clients throughout the incident lifecycle.
- Conducting post-incident reviews to identify lessons learned and recommend preventative measures.
- Staying ahead of emerging threat intelligence, attack vectors, and incident response techniques.
We’re Looking For:
- Proven experience (2+ years) in an incident response or advanced Security Operations Centre (SOC) role.
- Strong understanding of widely accepted incident response frameworks (e.g., NIST SP 800-61, the SANS six-step incident handling process).
- Hands-on experience with forensic tools and methodologies.
- Expertise in analyzing diverse data sources, including logs, network traffic captures, and system artifacts.
- Demonstrated ability to perform effectively and make sound decisions under pressure.
- Exceptional communication skills, both written and verbal, for conveying complex technical information.
- Certifications such as GCIH, GCFA or CySA+ are highly desirable.