T&T | Cyber: D&R |Consultant | Incident Response & Handling |

Key Responsibilities:

• Lead and coordinate incident response efforts for cybersecurity events, including data breaches, malware infections, system compromises, and DDoS attacks.
• Perform in-depth analysis of security incidents to determine the root cause, scope, and impact.
• Develop and implement incident response plans, playbooks, and standard operating procedures (SOPs).
• Collaborate with internal teams (e.g., IT, legal, compliance) and external stakeholders (e.g., law enforcement, third-party vendors) to address security incidents.
• Provide real-time technical guidance and support during incident response activities.
• Perform digital forensics to collect and analyze evidence related to cybersecurity incidents.
• Conduct post-incident reviews and create detailed reports with recommendations for improvement.
• Develop proactive security measures, including detection tools, threat intelligence sharing, and risk mitigation strategies.
• Provide guidance and mentorship to junior team members, assisting with incident triage and analysis.
• Stay up to date with the latest cybersecurity threats, vulnerabilities, and incident response best practices.
• Participate in threat-hunting activities to identify potential threats before they escalate into incidents.
• Ensure compliance with industry regulations and organizational security policies during incident handling.

Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (Master's preferred).
• Industry certifications such as

  Certified Incident Handler (GCIH)

  ,

  Certified Information Systems Security Professional (CISSP)

  ,

  Certified Ethical Hacker (CEH)

  , or similar certifications are highly desirable.
• Proven experience in cybersecurity incident response, including handling data breaches, network intrusions, and advanced persistent threats (APTs).
• Knowledge of industry-standard incident response frameworks, such as

  NIST SP 800-61

  and

  SANS

  .
• Experience with security monitoring tools, SIEM (Security Information and Event Management) platforms, and threat intelligence tools.
• Strong understanding of network protocols, operating systems, and cyber threat landscape.
• Experience with digital forensics tools and techniques (e.g., EnCase, FTK, X1, or similar tools).
• Strong communication skills, with the ability to clearly explain complex technical issues to both technical and non-technical stakeholders.

Skills and Competencies:

• Expertise in incident response, threat analysis, and mitigation.
• Ability to work under pressure in high-stress, fast-paced environments during security incidents.
• Strong problem-solving and analytical thinking abilities.
• Knowledge of network and endpoint security technologies.
• Experience with cloud security and virtualized environments is a plus.
• Ability to produce detailed and actionable incident reports.
• Solid understanding of relevant cybersecurity laws, regulations, and frameworks (e.g., GDPR, HIPAA, PCI-DSS, ISO 27001).

Preferred Experience:

• Experience working in a

  Telecommunications and Technology (T&T)

  environment, with familiarity with common T&T-specific threats and vulnerabilities.
• Background in

  digital forensics

  ,

  malware analysis

  , or

  threat intelligence

  .
• Knowledge of automation in incident response workflows and security orchestration tools.
• Experience with advanced attack vectors such as

  ransomware

  ,

  zero-day vulnerabilities

  , and

  social engineering

  attacks.

Personal Attributes:

• Highly adaptable and able to quickly respond to evolving threats.
• Strong attention to detail and ability to prioritize tasks effectively.
• A proactive approach to cybersecurity, anticipating potential risks before they materialize.
• Strong team player with the ability to collaborate effectively across departments.