
Incident Response Professional - PwC

Location: Amsterdam
Employment: Full-time
Your role will primarily consist of conducting incident response investigations on behalf of a wide variety of clients across every sector.

Incident Response Specialist

About the team

Our Cyber Threat Operations practice is PwC's front-line technical services group, responsible for the development, management and execution of a portfolio of blue and red team services. We provide subscription and bespoke threat research services, short-term and managed endpoint and network hunting services, incident response and readiness services, and adversary emulation.

About The Role

Are you passionate about investigating state-sponsored attacks, data breaches, economic espionage and targeted intrusions? Join the Incident Response team at PwC, which is responsible for the development and delivery of incident response and threat hunting services provided by PwC across the globe, ranging from single-system analysis to major intrusions on some of the world’s largest corporate networks.

The Incident Response Specialist role will primarily consist of conducting incident response investigations on behalf of a wide variety of clients across every sector. Within the role you will have scope to be involved in all aspects of incident response activity, as well as to develop specialisms in particular areas. You will be working within complex security environments and alongside Incident Response Managers to design, communicate and execute incident response, containment and remediation plans.

Responsibilities

  • Plan, organise and devise approaches necessary to respond to incidents and obtain useful forensic information from the evidence collected
  • Prioritise and differentiate between potential intrusion activity and false alarms
  • Conduct incident and investigation post-mortem briefings, analysis, and reporting
  • Conduct forensic investigations including physical/logical disk, network packet capture, memory analysis or malware analysis
  • Provide technical guidance to investigations to correctly gather, analyse and present digital evidence to both business and legal audiences
  • Collate conclusions and recommendations and present forensics findings to stakeholders
  • Contribute to the development of policies, standards and guidelines for incident response
  • Correlate threat intelligence with active attacks and vulnerabilities within the enterprise
  • Monitor and analyse security events and identify trends, attacks, and potential threats
  • Research and test out new DFIR tooling and techniques
  • Create and track security investigations to resolution
  • Facilitate the integration of threat and data feeds for the purposes of incident response

Skills and Experience

We expect you will already be able to demonstrate experience and knowledge in one or more of the following areas:

  • Experience in forensic capture and investigation tools such as EnCase, X-Ways, SIFT or F-Response
  • Experience with log management solutions such as Splunk or Elastic
  • Knowledge of Windows system internals and ability to identify common indicators of compromise from dead or live systems and live memory using tools such as the SysInternals suite, RegRipper, Volatility, or Mandiant Redline
  • Experience of gleaning and analysing security information from enterprise network and host-based sensors, such as IDS/IPS systems, HIDS, SIEMs, AD controllers and firewalls
  • Expertise in analysing raw network traffic captures, or in the deployment and use of network forensics or monitoring devices such as FireEye, Solera, Wireshark, Snort or NetWitness
  • Knowledge of scripting languages such as Python, Perl or PowerShell and their use in forensic analysis and live incident response, or experience using other programming languages to develop software for host-centric, network-centric or log-centric security analysis

At PwC, diversity and inclusion are top of mind.

Location:
Amsterdam

Information and application:

Apply:

Please send your application for Incident Response Professional at PwC in Amsterdam including your CV via our website.

Job code:

126323WD

Job posted

16 January 2021

More information:

If you have specific questions about this vacancy, you can email Keesjan Bongaertz, Talent Acquisition CF&P, at keesjan.bongaertz@pwc.com.

Read all about working at PwC
