A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients’ opportunities in the evolving world of cloud, digital and platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of 200,000 team members in over 40 countries. The Group reported 2018 global revenues of EUR 13.2 billion. People matter, results count.
You will work as a lead within a client's 24×7 Security Operations Centre (SOC) environment, with potential on-call responsibilities, acting as a technical guide, SOC organisational interface and point of escalation when required.
This assignment forms part of a multiyear Global SOC transformation programme for one of our clients.
Your responsibilities include, but are not limited to, performing analysis of security incidents, including correlating actionable security events, network traffic analysis, host-based analysis, reverse engineering and custom sensor output as required. This is to be performed whilst maintaining situational awareness of cyber activity by reviewing information, both open and closed source, around new vulnerabilities, malware, threat actor tactics, techniques and procedures (TTPs), and Indicators of Compromise (IOCs) which may have an impact on the organisation. Document threat campaign(s) and techniques, adversary information, detections and indicators of compromise (IOCs) as they relate to the security of the organisation.
As a Subject Matter Expert, you'll provide investigation oversight and specialist skills in the areas of Network Monitoring, Digital Forensics and/or Malware Analysis, and undertake proactive threat hunting within the organisation to identify and remediate threats not discovered by the existing technology. You will be expected to be the incident lead, coordinating resources during enterprise incident response efforts and driving incidents to timely and complete resolution.
You will be expected to employ logical frameworks and advanced analysis skills to reconstruct and synthesise end-to-end attacks to enable intelligence extraction, correlation and then recommend sound remediation and recovery approaches aligned to incidents investigated. Use this to enhance technological and defensive policy procedures. You will utilise research and skills to proactively recommend enterprise security enhancements to management and be responsible for undertaking Quality and/or Technical Assurance on incidents investigated within the SOC to ensure alignment with analytical frameworks and industry best practices.
You will also have the ability to guide a technically adept team and will be tasked to successfully research and maintain proficiency in tools, techniques and countermeasures.
You will use your customer service and teamwork skills to act as the interface with external entities including law enforcement organisations, intelligence community organisations and other government agencies as required whilst delivering status reports, briefings, recommendations, and findings to management and executives.
Professional technical experience in the Information Security domain utilising a range of security technologies, within an enterprise environment, such as:
- Log Analysis & SIEM (Splunk and/or ArcSight)
- Network Analysis including Full Packet Capture
- Host Analysis, across Linux and Windows estates, including Antivirus detections
- Scripting (Python, Perl, Ruby)
- Security Architecture
- Intrusion Detection & Prevention Systems (IDS/IPS)
- Digital Forensics and Incident Response (DFIR)
- Malware Analysis and Reverse Engineering
- Threat Hunting Principles and Approaches
Experience performing as a Technical Leader and experience as a Subject Matter Expert (SME) in either the discipline of Digital Forensics and Incident Response, or Malware Analysis and Reverse Engineering, utilising standard commercial and open source tools, such as:
- EnCase Enterprise
- Forensic ToolKit
- IDA Pro
Strong foundational knowledge of basic technology and security items such as:
- TCP/IP Protocol Suite
- Security Architecture in Enterprise Environments
- Common Network Protocols (such as DNS)
- Remote Access Security Suites
- Industry Best Practices for Information Security and DFIR
Professional development. Accelerated career progression. An environment that encourages entrepreneurial spirit. It’s all on offer at Capgemini. And although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you.
At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-groundbreaking technical solutions to complex problems are the norm. But so, too, is a culture that’s as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too.
Capgemini positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender identity, religion or belief, marital status, or pregnancy and maternity. We are committed to hiring, developing and retaining the best people to deliver innovative, world-class solutions for our clients. We foster an inclusive culture that enables everyone to achieve their full potential and enjoy a fulfilling career with us. Our comprehensive flexible benefits package and lifestyle policies enable our employees to balance their individual, family and work-life needs.
To apply for this job please visit www.capgemini.com.