Senior Incident Response Consultant 2
sophos
Romania
permanent
Questo lavoro fa per te?
Carica il tuo CV e scopri quali ti si addicono davvero.
What You Will Do
- Readiness
- Conduct comprehensive reviews of incident response plans, identifying gaps and developing tailored strategies to strengthen organizational preparedness.
- Design and deliver customized incident response playbooks to address specific threats and operational needs.
- Facilitate training sessions on incident response fundamentals to build customer capabilities.
- Lead workshops, tabletop exercises, drills, and functional simulations to evaluate and improve readiness.
- Provide strategic guidance to customers on integrating readiness into broader security programs.
- Contribute to the development of readiness methodologies and internal knowledge sharing.
- Incident Response
- Serve as a subject matter expert in digital forensics and incident response (DFIR).
- Lead large-scale, complex investigations involving host, network, and cloud artifacts to determine the nature, scope, and root cause of cyber incidents.
- Collaborate and coordinate with cross-functional incident response teams.
- Guide containment, remediation, and recovery efforts to secure environments post-incident.
- Maintain a professional, calming, and authoritative presence during high-pressure incidents.
- Brief senior leadership and technical teams on findings, risks, and recommendations.
- Support the development of incident response methodologies and contribute to internal capability building.
- Participate in a 24x7 emergency response rotation which includes weekends.
- Comprehensive experience in both readiness and incident response.
- Strong analytical and problem-solving skills.
- Ability to lead and mentor cross-functional teams.
- Excellent communication skills, including executive briefings.
- Proven ability to manage high-stakes engagements.
- Experience with forensic tools and techniques (e.g., EDR, log analysis, malware analysis).
- Familiarity with enterprise environments including Windows, Linux, Azure, AWS, and M365.
- Strong understanding of attacker Tactics, Techniques, and Procedures (TTPs) and modern detection and response strategies.
- Willingness to travel up to 20%, including on short notice, to support on-site customer engagements.
- 8–12 years of experience in cybersecurity or related fields, with a focus on incident response and readiness.
- Demonstrated ability to lead high-profile incidents and readiness initiatives.
- Relevant certifications (e.g., GIAC, CISSP, CISM, or similar) are a plus but not required; proven impact and expertise are primary qualifiers.
Questo annuncio proviene da ats_lever. Vedi l'annuncio originale ↗