Senior Cyber Incident Response Analyst

Posted 9 days ago

Role: Senior Cyber Incident Response Analyst
Location: Remote with occasional visit to client sites (must have valid right to work)

About Integrity360

Integrity360 is the largest independent cybersecurity provider in UK&I, with Security Operations Centers in Dublin & Sofia, employing 310+ employees, of which over 80% are technical. We help our clients proactively identify, protect, detect and respond to threats against the ever-evolving threat landscape. Our security-first approach positions security as an enabler and empowers our clients to do business securely.

You would be joining Integrity360 at an immensely exciting time. In June 2021 the company received a strategic investment from August Equity (one of the UK’s most successful mid-market private equity firms). Our intention is to grow Integrity360 into the leading cyber services and solutions provider in Europe. The market for cybersecurity services has never been stronger and is growing at an aggressive rate. Integrity360 is one of the most respected and established service providers in the industry and is well positioned to achieve a market leadership position over the coming years. We believe we have significant opportunities for growth, especially over the next 36 months. With the right levels of energy, tenacity and skill, your opportunity for personal success and contribution to our overall aspirations is considerable.

Job Role & Responsibilities

The Senior Cyber Incident Response Analyst will work within established methodologies to perform a variety of Incident Response related activities for new and existing customers, to include responding to cyber incidents, proactively hunting for adversaries in customer networks, conducting detailed Intrusion analysis – host and network, malware reverse engineering, Digital forensics and Cyber Threat Intelligence services.

Proactive client services, such as compromise assessments and evaluating and recommending tools and technology for incident response, are also in scope. Demonstration of a strong comprehension of malware, emerging threats and adversary TTPs will be critical to success.

Primary Duties/Responsibilities include:

- Key technical resource in support of Cyber Incident Response - Incident lifecycle management from identification through triage and containment.
- Assist with scoping prospective engagements
- Thorough understanding of enterprise security controls in Active Directory / Windows environments
- Strong network analysis and diagnosis skills
- Knowledge of Intrusion Detection Systems and methods of security hacking/penetration testing

Desired Skills

- Customer focus - have the ability to work directly with customers and demonstrate services delivered to customers in a face-to-face setting when required.
- You will have the capacity to multitask on several technical and operational issues simultaneously.
- Have a very good understanding of customer issues and be able to empathise with customers as to their current situation.
- Ability to think through difficult issues and provide advice or when necessary
- A clear understanding of the ITIL processes
- Ability to work on assignments requiring sound judgement in resolving issues or in making recommendations
- Initiative to drive all incidents to resolution, ensuring timely participation by all stakeholders
- Without hesitation when required, escalate issues to upper management, to include C-Level managers, in accordance with prescribed procedures.
- Incident Management and Incident communication experience
- Experienced in meeting deadlines while following processes and procedures
- Capable of working with other teams that challenge your processes and procedures
- Understanding of ITIL, SANS, PCI DSS, ISO 27001 and ISO20000
- Logical thought mindset and experience developing reusable processes / data architectures.

Desired Technical Experience

- Host Intrusion Analysis
- Network Intrusion Analysis
- Familiarity with categories of Malware and Malware Reverse Engineering techniques
- Experience working with security tools for the purposes of detection, diagnosis, containment and remediation
- Extensive knowledge of Windows server systems.
- Experienced in creating and maintaining a security incident response plan (IRP).
- Windows (Endpoint and Server)
- Unix

Qualifications

Any of the following accreditations/creditations will be highly beneficial:

- SANS: Qualifications in Security Essentials (GSEC), Hacker Techniques & Incident Handling (GIH), Host (GCFE/GCFA) & Network (GNFA) Forensics, Malware Analysis (GREM) and any Digital Forensics specialisations.
- CREST certifications: Certified Incident Manager, Certified Host Intrusion Analyst, Certified Network Intrusion Analyst, Certified Malware Reverse Engineer, Practitioner Intrusion Analyst, Registered Intrusion Analyst
- Certified Ethical Hacker