Senior Consultant – Incident Response and Digital Forensics

This job is no longer active!


Employer: Deloitte Romania
Field:
  • IT Software
  • Job type: full-time
    Job level: 1 - 5 years of experience
    Cities:
  • BUCURESTI
  • Updated on: 17.04.2017
    Remote work: On-site
    Short description of the company

    Voted the Most Desired Employer in Romania, in the Financial Services Industry, five consecutive times, in the Catalyst surveys, Deloitte Romania provides services in audit, tax, legal, consulting, financial advisory, risk advisory, business processes as well as technology services, through 2,000 professionals. The Regional Audit Delivery Center (RADC) provides Audit services to various Country Member Firms from Deloitte Central Europe and to their clients. The Tax & Legal Delivery Center (TLDC) offers services focused on 5 service lines: GES (Global Employer Services), Business Tax, Global Tax Center Europe, Global Trade Advisory (GTA) and Legal Center of Excellence (CoE).
    Worldwide, Deloitte serves four out of five Fortune Global 500 companies through a globally connected network of member firms in more than 150 countries and territories, with over 330,000 professionals. The organization is recognized among “World’s Best Workplaces™” by Great Place to Work® and Fortune and among “World’s Most Attractive Employers”, by Universum, according to 2020 surveys.

    We believe that innovation comes from contrasting disciplines, backgrounds and cultural perspectives and that the innovative solutions our people deliver have to always make an impact that matters. We celebrate individual strengths and we prioritize our people’s well-being.

    You bring the ambition, we’ll provide the opportunities.

    Requirements

    Deloitte's Enterprise Risk Services has a risk-based approach, experienced professionals, comprehensive methodologies, and technical resources for serving our clients in the areas of cyber security, IT and internal audit, risk management, and compliance. We are constantly looking for experienced security professionals, with experience across a range of information security disciplines.

    Requirements:

    • University degree – preferably ASE - CSIE, UB - Mathematics & Informatics, or Polytechnic University, or Computer Science equivalent;
    • At least 1-3 years relevant work experience in: performing technical forensic system examination for cases such as malware investigation, data exfiltration, system compromise, and system user activity profiling;
    • Good knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength;
    • Strong technical skills in the following areas: forensic examination practice, process, methods, and report writing, network communication using TCP/IP protocols, basic Windows and Linux system administration, understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection;
    • Knowledge of programming and scripting for development of security tools; strong programming skills preferred (Python, Ruby, Node.js, C/C++, Assembly, etc.);
    • Ability to quickly understand and adapt to a complex and rapidly changing environment;
    • Demonstrable problem solving, analytical skills and attention to detail;
    • Demonstrated ability to create comprehensive assessment reports;
    • Ability to convey complex technical security concepts to technical and non-technical audiences including executives;
    • Fluency in written/spoken English.

    Other appreciated areas:

    • Proficiency and experience performing network security monitoring and PCAP analysis using common analysis tools (examples include Wireshark, Security Onion, Network Miner, Moloch, etc.). Candidate must be strongly proficient at dissecting PCAP data, identifying and decoding protocols, extracting files, and applying standard filters such as Berkeley Packet Filter (BPF).
    • Experience of configuring and supporting firewall and intrusion detection technologies is a plus;
    • Ability to build intrusion related data visualizations and perform analysis (e.g. using Splunk etc.)
    • Previous experience in various technologies and concepts including: Firewalls & Intrusion Detection/Prevention; Malware protection; Virtual technologies; System hardening; Web application firewalls; Log management & SIEM; Vulnerability management
    • Familiarity with many different network architectures, network services, system types, network devices, development platforms and software suites (e.g. Linux, Windows, OS X, Cisco, Oracle, Active Directory, JBoss, .NET, etc.)
    • One or more of the following certificates, or equivalent, would be desired: Certified Forensics Examiner (GCFE), Certified Forensic Analyst (GCFA), Certified Incident Handler (GCIH), EnCase Certified Examiner (EnCE), Certified Computer Examiner (CCE), and Certified Computer Forensics Examiner (CCFE).

    Responsibilities:

    • Follows client- and incident-specific procedures to perform basic triage of potential security incidents to determine their nature and priority, eliminates obvious false positives, and coordinates with clients to identify, analyze, and mitigate security incidents;
    • Provides incident response and forensics services including forensics data collection and processing, malware and log analysis, containment approach definition, etc.
    • Performs live incident management activities that include reactive and proactive engagements, identifying and remediating malicious applications and actions, collecting live system artifacts, and performing system and network forensics;
    • Maintains awareness of the client’s technology architecture, known weaknesses, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by client threat intelligence, and recent security incidents;
    • Continually improves the service by identifying and correcting issues or gaps in knowledge capital (analysis procedures, playbooks, and client network models), identifying and recommending new or updated tools, content, countermeasures, scripts, etc.
    • Supports security assessment & ethical hacking engagements which include: security architecture assessments, security configuration assessments, code reviews, intrusion testing targeting the network and application layers;
    • Assists with designing and reviewing information security policies and procedures.
