[linuxjobs] Incident Response Vacancy

Benjamin Donnachie benjamin at py-soft.co.uk
Thu Nov 21 21:49:24 UTC 2013


Not strictly a Linux vacancy but I'm looking for an incident response
professional with Linux experience.  Job description below, salary up to
£60k.  Based out of our London office with travel required globally.
 Please apply online using the link available from
http://www.accessdata.com/about/career-opportunities

For more information please use my work account - bdonnachie at accessdata.com

No agencies please!

Benjamin Donnachie


*About AccessData Incident Response Services*

AccessData is seeking qualified candidates to join our growing team as
Incident Response Forensics Analysts. Our incident responders have
backgrounds as government and Fortune 100 cyber security practitioners, and
our services are regularly enlisted by some of the largest organizations in
the world to deal with complex and sophisticated compromises. Because
AccessData is also a leading cyber security software developer, our clients
have the benefit of working with services experts who have unmatched
expertise in the technology and the support of our development team behind
them.

*Essential Duties and Responsibilities*

Conduct highly-confidential investigations for a global client list (e.g.,
data loss, virus outbreak, advanced persistent threats)
Conduct examination of digital media (hard drives, mobile phones, etc.)
Capture / analyse network traffic for indications of compromise
Review log-based data, both in raw form and utilising SIEM or aggregation
tools
Employ best practices and forensically sound principles such as evidence
handling and chain of custody
Establish timelines and patterns of activity based on multiple data sources
Identify, document and prepare reports on relevant findings
Utilize varied forensic software such as FTK, Encase, Helix, etc.
Effectively communicate with clients to establish timelines, manage
expectations, and report findings

*Required Knowledge, Skills and Abilities*

Demonstrated computer forensic investigations experience
Expert-level knowledge of common attack vectors and penetration techniques
Solid working knowledge of networking technology and tools, firewalls,
proxies, IDS/IPS, encryption
Demonstrated knowledge of forensic tools such as Encase, FTK, Helix,
Knoppix, Slax, Sleuthkit, SIFT
Experience with malware analysis (reverse engineering)
Excellent technical writing and presentation skills
Ability to successfully interface with clients
Event analysis and correlation
Experience managing large and small scale incidents

*Additional Preferred Skills*

Strong understanding of networking protocols such as TCP/IP, IPSEC, RIP,
EIGRP, OSPF
Experience in a fast-paced consulting organisation
Experience with programming or scripting languages
Familiar with SIEM tools such as ArcSight, NitroSecurity, enVision, etc.
Demonstrated system administration skills

*Education / Experience*

Bachelor’s degree in computer science, digital forensics or related
technical discipline or demonstrated equivalent work experience.
Minimum 5 years required in digital forensics and/or security, with 2 years
desired in incident response
Preference given to candidates with current relevant industry
certifications (ACE, EnCE, CFCE, CCE, DFCP, GCIA, GCIH, GREM, CSIH, etc.)
**Note: Successful candidate will be required to obtain AccessData ACE
certification within 1 year