Melbourne, Melbourne - AUD Permanent Posted: Thursday, 12 September 2019
 
 
About the role: We are looking for an Incident Responder to join our growing Cyber Security team, with a passion for customer-focused, holistic security outcomes that bridge the gap between cybersecurity and business outcomes. This role is suited to those with 3+ years in a similar role. In this role you will be responsible for responding to cyber incidents, performing forensic investigations and threat hunting for both Interactive's internal environment and managed cybersecurity customers.

Your key responsibilities include:

Respond to security incidents: contain, eradicate and recover systems with infections, ranging from phishing to complex malware/APT campaigns
Develop and use Digital Forensic Investigation Tools (DFIT), Endpoint Detection and Response (EDR) and sandboxes to analyze and eradicate malicious programs and behaviors
Acquire, analyze and preserve digital evidence from a variety of workstation, server, and mobile platforms
Generate high-quality forensic examination reports to communicate findings clearly and concisely to technical and non-technical business unit managers
Develop security incident playbooks, cyber incident response tools, techniques and procedures
Identify indicators of compromise and work with our security operations centre to improve our detection capability

To be successful in this role, you will have:

Experience investigating security incidents
Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
Understanding of offensive security methodologies and tools including Kali Linux, Metasploit, Nmap, Burp Suite
Knowledge of malware triage, reverse engineering, and YARA tools and rulesets
Expert understanding of computer/network forensics tools (e.g., EnCase, FTK)
Experience in SIEM platforms and attack detection tools. IBM QRadar experience preferred
Understanding of infrastructure-level technologies (Firewalls, Networks, Windows Server, Linux, VMware, Azure, AWS)

In addition, the following experience is not essential, but nice to have:

Experience with cybersecurity tools including Qualys, Carbon Black, Fortinet, Forcepoint DLP, Mimecast
Understanding of scripting languages (PowerShell, Python)
Understanding of security control frameworks including ISO 27001, NIST 800-53, Australian Signals Directorate Top 35, PCI-DSS and risk management frameworks

Melbourne, Melbourne, Australia
IT
AUD
Interactive
JS11422/755271229
12/09/2019 10:10:07 AM
