Incident Response Consultant-Digital Forensics & Incident Response

Responsibilities:

• Monitor security alerts and notifications from SIEM systems, IDS/IPS, and endpoint protection solutions.
• Perform real-time analysis of alerts to determine severity and impact of potential incidents.
• Lead and coordinate response to security incidents, including identification, containment, eradication, and recovery.
• Conduct root cause analysis to determine origin and impact of incidents and recommend preventive measures.
• Document and report incidents, creating detailed reports and timelines.
• Perform digital forensics investigations on compromised systems to collect and analyze evidence.
• Analyze and interpret threat intelligence to identify potential risks and enhance detection capabilities.
• Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness.
• Participate in continuous improvement of incident response playbooks and standard operating procedures (SOPs).
• Stay updated on emerging cyber threats, vulnerabilities, and attack vectors.