
Ebay CSIRT Incident Response Engineer 
United Kingdom, England, London 
555429534

11.07.2024

Core job functions include:
  • Leadership – Guides the CSIRT team in its day-to-day operations, covers during on-call rotations with shift leads, and manages ticket queue/workload.

  • Escalations – Responds to events escalated by security analysts and develops/executes security controls, defences and countermeasures to prevent internal or external attacks, or attempts to infiltrate company email, data, e-commerce and web-based systems.

  • Research – Researches attempted or successful efforts to compromise system security and designs countermeasures.

  • Communications – Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems.

  • Digital Forensics – As it relates to information systems, performs HR investigations and legal holds in a forensically sound manner. Consults with HR and legal subject matter experts to adhere to local country law.

  • Coverage – Must be willing to work shift work, weekends, and holidays as well as participate in our shift lead on-call rotation.

To be successful in this position, you should be familiar with:

  • Incident Response – Getting people to do the right thing in the middle of an investigation.

  • Offensive Techniques – Penetration testing, IOCs, and exploits at all layers of the stack.

  • Logs – You should be comfortable using a SIEM to gather and analyse logs in order to recreate incidents and hunt for threats.

  • System Forensics – Basic understanding of image acquisition techniques, memory forensics, and the like.

  • Networking Fundamentals – TCP/IP and related protocols (HTTP, DNS, FTP, DHCP, ARP, etc.), and packet analysis with Wireshark/tcpdump.

  • Scripting – Should be familiar with scripting in at least one of the following: Python, Perl or a similar language.

  • Risk Analysis – Taking a vulnerability in a particular environment and understanding the practical associated risk.

  • Bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.

  • Minimum five (5) years of professional experience in incident detection and response, malware analysis, or digital forensics.

Must have at least one of the following certifications:
  • SANS GIAC: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GSNA, GPPA, GAWN, GWEB, GNFA, GREM, GXPN, GMON or GCIH

  • ISC2: CCFP, CCSP, CISSP

  • Cisco: CCNA, CCNP

  • CERT: CSIH

  • EC Council: CEH, ENSA, CNDA, ECSS, ECSP, ECES, CHFI, LPT, ECSA, or ECIH

  • Offensive Security: OSCP, OSCE, OSWP and OSEE

  • EnCase: EnCE

In addition, a minimum of three (3) years of specialised experience in one or more of the following areas:

  • Security Assessment or Offensive Security

  • Application Security

  • Security Operations Centre/Security Incident Response

  • Cyber intelligence Analysis
