Ebay CSIRT Incident Response Engineer 

United Kingdom, England, London 

555429534

• Leadership – Guides the CSIRT team in its day-to-day operations, covers during on-call rotations with shift leads, and manages ticket queue/workload.

• Escalations – Responding to escalated events from security analysts to develop/execute security controls, Defence/countermeasures to prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.

• Research – Researching attempted or successful efforts to compromise systems security and designs countermeasures.

• Communications – Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems.

• Digital Forensics – As it relates to information systems, performs HR investigations and legal holds in a forensically sound manner. Consults with HR and legal subject matter experts to adhere to local country law

• Coverage – Must be willing to work shift work, weekends, and holidays as well as participate in our shift lead on-call rotation.

To be successful in this position, you should be familiar with:

• Incident Response – Getting people to do the right thing in the middle of an investigation.

• Offensive Techniques – Penetration testing, IOCs, and exploits at all layers of the stack.

• Logs - you should be comfortable with a SEIM to be able to gather and analyse logs to recreate incidents and hunt for threats.

• System Forensics – Basic understanding of image acquisition techniques, memory forensics, and the like.

• Networking Fundamentals - TCP/IP Protocols (HTTP, DNS, FTP, DHCP, ARP, etc.), and Wireshark/TCPDump.

• Scripting – Should be familiar in scripting in at least one of the following: python, perl or a similar language.

• Risk Analysis – Taking a vulnerability in a particular environment and understanding the practical associated risk.

• Bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.

• Minimum five (5) years of professional experience in incident detection and response, malware analysis, or digital forensics.

• SANS GIAC: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GSNA, GPPA, GAWN, GWEB, GNFA, GREM, GXPN, GMON or GCIH

• ISC2: CCFP, CCSP, CISSP

• Cisco: CCNA, CCNP

• CERT: CSIH

• EC Council: CEH, ENSA, CNDA, ECSS, ECSP, ECES, CHFI, LPT, ECSA, or ECIH

• Offensive Security: OSCP, OSCE, OSWP and OSEE

• EnCase: EnCE

In addition, a minimum of three (3) years of specialised experience in one or more of the following areas:

• Security Assessment or Offensive Security

• Application Security

• Security Operations Centre/Security Incident Response

• Cyber intelligence Analysis

This website uses cookies to enhance your experience. By continuing to browse the site, you agree to our use of cookies. Visit our for more information.