The Cyber Readiness Specialist is primarily responsible for escalated security investigations and incident handling. Additionally, the specialist will work with various internal teams to coordinate and escalate security incidents, while making recommendations for knowledge-based platforms and playbooks and assisting with identifying operational areas for improvement.
Assist in the development and integration of incident management in accordance with established policies and guidelines.
Effectively communicate investigative progress, findings, opportunities and challenges to the Incident & Crisis Management team.
Ensure effective operational controls are working and identify issues to minimise risk.
Lead and coordinate the fact-finding effort for security incidents from initial escalation through after-action reporting.
Manage intake of incidents and reports from Security Operations Center and other stakeholders using the internal case management system in a timely and accurate manner.
Maintain plans to improve cyber readiness and prepare attack scenarios to test the robustness of detection and incident response capabilities.
Manage external services related to digital forensics and incident response.
Provide guidance and incident management expertise with internal teams for the joint development and implementation of security strategies, plans and deliverables in their areas of responsibility.
Work with technology teams to increase cyber readiness capabilities.
Bachelor's degree in a related area.
Functional knowledge of Cyber Security and Incident Response foundations, theory, terminology (Kill Chain, TTPs, APT, Threat Hunting).
Knowledge or experience with Incident Management programs.
Minimum 7 years of Enterprise Incident Response and/or Security Operations Centre experience.
Relevant Security or Technical certifications including but not limited to (ISC)2, SANS, OSCP.
Ability to work independently on a variety of assignments with minimal supervision.
Ability to prioritise activities based on shifting schedules and demands.
Breach Incident Response Experience (Scoping, Sweeping, Containment, Remediation Planning).
Effective investigative skills including: initial inquiry into problem statement/incident leads, analytical approach, hypothesis generation and testing, and creative problem-solving.
Effective communication skills (verbal and written).
Excellent organisational skills and strong attention to detail.
Knowledge of / experience with enterprise security tools.
Programming/scripting experience is an asset.
Strong analytical and problem-solving skills.