Incident Response Practitioner
As Incident Response Practitioner you will work across a broad range of our clients to deliver investigations and incident response services. These services are aimed at responding to and containing security incidents for our clients, with a particular focus on advanced targeted attacks. This can also cover a wide range of areas including forensic investigations, proactive compromise assessments and guiding our clients through the implementation of response procedures.
The role also requires the ability to clearly communicate to a range of audiences from technical practitioners through to executive boards. This requires the ability to identify technical issues and describe them in the language of the business you are engaged with.
A successful candidate should have a good general knowledge of both enterprise IT platforms and information security. They will be required to understand the motivations and methods adopted by a wide range of threat sources with a good understanding of how exploitation of systems occurs.
Skills and Experience:
- Excellent understanding of client-server infrastructures, security architectures and related logging and alerting
- Knowledge of TCP/IP networking with the ability to perform deep-dive network forensic analysis
- Good understanding of file-system analysis
- Knowledge of Windows, Linux and/or OS X internals
- Knowledge of and experience in Malware Analysis to a minimum level of behavioural analysis
- Ability to report key findings in a clear and concise manner both at technical and senior management level
- Some experience with a scripting language such as Python, Ruby, Powershell or Bash is desirable
- CREST Registered Incident Response Practitioner (preferred)
Marclay Associates is recognised as a leader in the provision of Cyber Security services and is CREST certified for incident response and penetration testing.
We specialise in working with high-profile and high-risk organisations to provide solutions that help secure information in a rapidly changing world of digital threats. Headquartered in London, we operate on a global scale, supporting companies and organisations navigate through the challenges of information security and resilience.