Incident Response Security Consultant, Mandiant
🇬🇧 United Kingdom
In-office locations: London, UK.
Remote location(s): United Kingdom.
Minimum qualifications:
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience.
- 3 years of experience delivering cyber outcomes, identifying mission risks, and devising solutions to combat public sector focused threats.
- 3 years of experience working end-to-end incident response investigations, analysis, or containment actions.
- Experience implementing industry-leading practices around cyber risks and cloud security for clients’ cloud security frameworks using industry standards.
- Ability to travel up to 30% of the time as needed.
Preferred qualifications:
- Knowledge of tools used in penetration testing, security event analysis, incident response, computer forensics, network and endpoint architecture, or other security operational areas.
- Knowledge of security frameworks, such as ISO 27001, NIST 800-53, HIPAA/HITECH, or PCI DSS.
- Ability to successfully interact with clients and manage expectations.
About the job
As an Incident Response Consultant, you will provide industry-leading incident response, assessment, transformation, managed detection and response, and training services with in-depth tactical support. You will help organizations effectively detect and respond to threats and reduce the overall impact of business risk before, during, and after an incident.
Responsibilities
- Collaborate with internal and customer teams to investigate and contain incidents.
- Recognize and codify attacker tools, tactics, and procedures (TTPs) and indicators of compromise (IOCs) that can be applied to current and future investigations.
- Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations.
- Lead client-facing incident response engagements and examine cloud, endpoint, and network-based sources of evidence.
- Develop and present comprehensive and accurate reports, trainings, and presentations for both technical and executive audiences.






