| Job Ref: | 204729858 |
| Employer: | cv-library.co.uk |
| Job Type: | Permanent |
| Country: | United Kingdom |
| County/State: | Cambridgeshire |
| City: | London EC1 OR Peterborough |
| Address: | |
| Salary: | £40000 - £50000/annum |
| Post Date: | 05/10/2016 03:28 |

Information Security / InfoSec / Digital Forensic Engineer is required by this leading charity to step into a role that will be split between stakeholder engagement and technical project work. The successful applicant will already have the knowledge and experience of working on a number of security products that will enable them to specify, select and implement security solutions that are right for our client, as well as assist with a pipeline of 25-30 projects.
Sample project: A Cloud solution geared towards providing a better service to the end customer requiring a multiple authentication domain. This project would need good knowledge of Microsoft operating products (cloud and on-premise), including user scenarios, architectures and weaknesses.
Other projects include streamlining services to their end customers, delivering stronger solutions less prone to attacks and revamping their CRM/customer data.
Applicants applying should have experience in some of the following areas to be considered:
• Delivering ICT security projects and implementing security software, systems, processes and methods; including process design, documentation, lifecycle management and handover.
• An understanding of security guidance frameworks such as the CSA CCM, OpenSAMM and the CSC 20, along with experience of delivering ICT security projects and implementing security software.
• Computer forensic investigation, focussing on APT and TTP attacks from different threat levels including payment gateway data breaches, nation-state attacks and industrial espionage.
• Responding to and containing security incidents such as crimeware, data breaches and advanced targeted attacks following a standard incident handling life cycle.
• Creating a response and remediation plan during and after an incident.
• An understanding of client-server infrastructures, security architectures and related logging and alerting.
• Knowledge of TCP/IP networking with the ability to perform network forensic analysis.
• An understanding of file system analysis including FAT, NTFS, HFS+ and EXT2/3/4 and ability to find and extract common disk based indicators of compromise.
• Knowledge of Windows, Linux and OS X internals with an emphasis on memory structures and an ability to find and extract common memory based indicators of compromise.
• Conducting malware analysis activities through behavioural techniques with the ability to perform dynamic analysis.
• Scripting languages such as WMIC, PowerShell, Batch and Python in incident response environments.
• Industry experience as part of CSIRT, SOC, Security Operations and Investigations Team in a data regulated and mission critical environment.
• Working with security information and event management tools.
• Experience of analysing network traffic and alerts from various sources and determining the cause.
• General understanding of underlying service protocols such as HTTP, HTTPS and DNS.