Responsible for the day-to-day management of all customer incidents
Manage complicated incidents which span the globe
Utilize Check Point products in incident investigations
Build incident playbooks for events and provide responses
Create detailed incident reports for customer events
Perform incident response and forensic analysis of compromised systems, identify DDoS events and recommend remediation, and reverse engineer malware.
Formulate and direct incident response efforts, prioritize them, and produce legible incident reports that describe the compromise vector, attacker methodologies, and artifacts of data exfiltration.
Perform forensic analysis of Windows and Unix systems to identify compromise artifacts.
Build sandbox/test lab environments to evaluate malicious code
Work within a team environment and coordinate work actions with that team.
Qualifications
Minimum 2 years of experience performing incident response with emphasis on system compromise analysis, security reviews / vulnerability risk assessments of network environments using both manual procedures and automated analysis tools.
Minimum 2 years of experience with the TCP/IP protocol suite, security architecture, and remote access security techniques/products.
Minimum 1 year of experience with enterprise anti-virus solutions and virus outbreak management, including the ability to differentiate virus activity from directed attack patterns.
Minimum 2 years of experience with endpoint or network forensics
Strong documentation skills (English) for technical and non-technical audiences.