Cyber Incident Response Specialist
Job Description
Accenture is a global professional services company with leading capabilities in digital, cloud and security. Find out more about us at accenture.com.
Job Descriptions:
Act as the first responder for cyber-security incidents identified through different channels: Human Resources, Employee Relations, Corporate Investigations, ASOC, Infrastructure CIRT, and client escalations.
Investigate cases such as, but not limited to:
- Acceptable Use Policy / Code of Business Ethics Violation
- Malware
- Fraud, Intellectual Property Theft, Industrial Espionage
- Cyber Attack / Hacking / APT / Security Breaches
- Mobile Devices
Execute documented processes within all activities of the CIRT playbook and security incident response lifecycle. Escalate security events, depending on determined crisis levels, to management in accordance with the incident response plan.
Ensure forensic investigation and incident response procedures comply with standard operating procedures, processes, policies, guidelines, and forensics best practices.
Examine and analyze security events or incidents, and investigate significant issues related to technology infrastructure. Employ technical, investigative and analytical skills to solve a wide range of complex issues or problems.
Coordinate and resolve, or provide recommendations as necessary, containment and remediation steps, until security incident closure.
Produce detailed written reports outlining the circumstances around the incident, present forensic evidence to a non-technical audience and provide further input as expert opinion. Present and communicate investigation results and relevant findings, for administrative or legal purposes, to internal stakeholders, senior management, auditors or clients, and testify in court as an expert witness, as necessary.
Participate in the improvement and development of forensic methodologies, process/procedure manuals and documentation.
Periodically make recommendations that aid in the successful completion of highly complex and technical projects within a process, control or functional area.
Complete varied complex and non-standard tasks in an assigned area of responsibility.
Provide eDiscovery and litigation support to identify, preserve, collect, process, review and produce electronically stored information (ESI) for litigation purposes.
Mentor and provide guidance to incident response staff on security best practices, processes, procedures and countermeasures.
Qualifications
Minimum qualifications:
Expert understanding of the following topics:
- Significant hands-on experience in computer security incident response and digital forensics.
- Computer / Network forensics tools (e.g. EnCase, SIFT, IEF, HB Gary, FireEye, Mandiant/FireEye, Nuix)
- Workstation and Server Operating systems (Windows, Linux or OS X, iOS/Android)
- IT Security
- Legal/regulatory aspects of digital forensics and incident response processes and methodologies
Advanced understanding of the following topics:
- Network protocols, TCP/IP fundamentals
- Network based services and client/server applications
- Enterprise systems and infrastructure
- Network architecture and security infrastructure (e.g. intrusion detection systems, data loss prevention, antivirus, etc.)
- System log analysis
- eDiscovery methodologies (e.g. Nuix)
- Perimeter security controls
Knowledge of the following topics:
- Risk assessment procedures
- ISO 27001 / ITIL and COBIT frameworks
- Up to date with current cyber threat landscape and trends
Education/Experience:
- 4-year college degree in computer science or related field is preferred
- Industry certification in multiple operating systems and/or network technologies
- Minimum 5 years’ experience in an information security discipline
- One or more computer forensics and information security certifications are desired:
- Guidance Software Encase Certified Examiner (EnCE)
- EC Council Computer Hacking Forensic Investigator (CHFI)
- EC Council Certified Ethical Hacker (CEH)
- SANS GIAC Certified Incident Handler (GCIH)
- SANS GIAC Certified Forensic Examiner (GCFA)
- ISC2 Certified Information Systems Security Professional (CISSP)
- ISACA Certified Information Systems Auditor (CISA)
- ISACA Certified Information Systems Manager (CISM)
- CompTIA Security+
At Accenture, we recognise that our people are multi-dimensional, and we create a work environment where all people feel like they can bring their authentic selves to work, every day.
Our unwavering commitment to inclusion and diversity unleashes innovation and creates a culture where everyone feels they have equal opportunity. Our range of progressive policies support flexibility in ‘where’, ‘when’ and ‘how’ our people work to ensure that Accenture is an organisation where you can strive for more, achieve great things and maintain the balance and wellbeing you need.
We encourage applications from all people, and we are committed to removing barriers to the recruitment process and employee lifecycle. All employment decisions shall be made without regard to age, disability status, ethnicity, gender, gender identity or expression, religion or sexual orientation and we do not tolerate discrimination. If you require adjustments to the recruitment process or have a preferred communication method, please email exectalent@accenture.com and cite the relevant Job Number, or contact us on +61 2 9005 5000.
To ensure our workplace is inclusive and diverse we are setting bold goals and taking comprehensive action. To achieve these goals, we collect information that allows us to track the effectiveness of our Inclusion and Diversity programs. Learn how Accenture protects your personal data and know your rights in relation to your personal data. Read more about our Privacy Statement.