Responsibilities:
- Collaborate with the team and be responsible for the delivery of client engagements, providing updates to the engagement and/or team lead
- Contribute to the project delivery of the Ensign Consulting – Threat Hunting & Response business; aligns with the project schedule for deliverables and milestones; adaptable to the needs and requirements of the engagement; communicates effectively with clients and internal stakeholders;
- Assist in the response to cyber security incidents and providing efforts in determining the criticality of an incident, investigation of incident actions, appropriate containment, and performing mitigation activities;
- Understanding and familiarity with the phases of the Incident Response life cycle of: analysis, containment, eradication, remediation, recovery;
- Ability to perform malware analysis and reverse engineering will be desirable;
- Contributing to the improvements of the incident response and threat hunting processes by taking advantage of the integration with new technologies and capabilities;
- Participating in the program development plan, which includes development of threat hunting hypothesis, and to continually improve IR Playbooks, SOPs alignments and training;
- Participating in the communication and documentation of the hunt results, details of incidents, and creating status reports of tasks performed to stakeholders;
- Staying abreast of the latest information security controls, practices, techniques and capabilities in the marketplace; leading internal skills development activities for information security personnel on the topic of security monitoring and incident response, by providing mentoring and by conducting knowledge sharing sessions;
- Familiarization with industry digital forensics tools and threat hunting platforms;
- Assisting in the preparation and delivery of clear and concise technical & management reports and formal papers (when necessary) on incident findings to the different levels of customer-end stakeholders including the management. This includes making appropriate level presentations to the customer’s stakeholders;
- Researching and keeping up-to-date with technological trends in relation to cyber security, threat hunting, and digital forensics;
- Performing other job-related duties as assigned