Incident Response Analyst

Job Description

Why Join Us? As the world’s leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we’ve assembled a global team of the most driven, creative and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers’ real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base. If you want to make the world a safer place – you belong with us. Key Responsibilities Responsible for all daily incident management of customer incidents Manage complicated incidents which span the globe Utilize Check Point products in incident investigations Build incident playbooks for events and provide responses Create detailed incident report generation for customer events Perform incident response and forensic analysis of compromised systems, identify and provide recommendations for remediation of DDoS events and the ability to reverse engineer malware. Formulate and direct incident response efforts, prioritize those response efforts, and create legible incident reports that describe the compromise vector, attacker methodologies, and artifacts of data exfiltration. Perform forensic analysis of Windows and Unix systems to identify compromise artifacts. Build sandbox/test lab environments to evaluate malicious code Work within a team environment and will be responsible for coordinating work actions with that team. Qualifications Minimum 2 years of experience performing incident response with emphasis on system compromise analysis, security reviews / vulnerability risk assessments of network environments using both manual procedures and automated analysis tools. Minimum 2 years of experience of the TCP/IP protocol suite, security architecture, and remote access security techniques/products. Minimum 1 year of experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns Minimum 2 years of experience with endpoint or network forensics Strong skill in documentation (English) for technical and non-technical audience Ability to participate in on-call rotation Domestic and International travel may be required Candidates must have an existing work right in -at least- one of the following countries: Philippines/ India/ Singapore/ Australia. No relocation assistance / sponsorship provided for this role.