The Senior Cyber Incident Response Analyst will work within established methodologies to perform a variety of Incident Response related activities for new and existing customers, to include responding to cyber incidents, proactively hunting for adversaries in customer networks, conducting detailed Intrusion analysis – host and network, malware reverse engineering, Digital forensics and Cyber Threat Intelligence services. Proactive client services, such as compromise assessments and evaluating and recommending tools and technology for incident response are also in scope. Demonstration of a strong comprehension of malware, emerging threats and adversary TTPs will be critical to success. Desired Skills
Customer focus - have the ability to work directly with customers and demonstrate services delivered to customers in a face to face setting when required. - You will have the capacity to multitask on several technical and operational issues simultaneously. Have a very good understanding of customer issues and you are able to empathize with customers as to their current situation. - Ability to think through difficult issues and provide advice or when necessary
A clear understanding of the ITIL processes
Ability to work on assignments requiring sound judgement in resolving issues or in making recommendations;
Initiative to drive all incidents to resolution, ensuring timely participation by all stakeholders;
Without hesitation when required, escalate issues to upper management, to include C-Level managers, in accordance with prescribed procedures. - Incident Management and Incident communication experience
Experienced in meeting deadlines while following processes and procedures
Capable of working with other teams that challenge your processes and procedures
Understanding of ITIL, SANS, PCI DSS, ISO 27001 and ISO20000
Logical thought mindset and experience developing reusable processes / data architectures. - Professional/native Swedish and professional English
Technical Knowledge Requirements
Host Intrusion Analysis
Windows (Endpoint and Server)
Unix
Network Intrusion Analysis
Familiarity with categories of Malware and Malware Reverse Engineering techniques
Experience working with security tools for the purposes of detection, diagnosis, containment and remediation
Extensive knowledge of Windows server systems. - Experienced in creating and maintaining a security incident response plan (IRP). Certifications/Qualifications
