Security Expert

Position Responsibilities :

1.Security Forensics

•Collect digital evidence from compromised systems, network devices, and log files.

•Use forensic tools and techniques to ensure the integrity and accuracy of the evidence.

•Analyze the collected data to identify the attack vectors and attacker behavior.

•Reconstruct the timeline of the incident to determine the cause and spread of the attack.

•Prepare detailed incident analysis reports, including the discovery, investigation process, analysis results, and recommended corrective actions.

2.Security Model and Playbook Development

•Develop threat models to assess potential security risks and vulnerabilities.

•Develop detailed incident response playbooks for various types of security incidents (e.g., phishing attacks, malware infections, data breaches).

•Ensure playbooks are actionable and provide clear guidance for incident detection, containment, eradication, and recovery.

•Prepare reports and presentations for management, detailing the status and effectiveness of security models and playbooks.

Personnel Qualification Requirements :

Education:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Work experience:

A minimum of 5 years of experience in a security operations or similar role, with experience in incident handling and response；

Certifications:

Relevant certifications such as Certified Information Systems Auditor（CISA）,Certified Information Systems Security Professional (CISSP), or similar are preferred.

4.Working Conditions:

•Full-time position, typically in an office environment, but may require travel to collect on-site evidence.

•May require overtime or on-call availability during significant security incidents.

•Continuous professional development to stay current with evolving cybersecurity threats and technologies.

Personnal Skill Requirements :

1.Analytical Skills

•Strong ability to analyze complex data sets to identify patterns and anomalies.

•Capability to conduct thorough investigations and draw accurate conclusions from forensic data

2. Technical Proficiency

•Expertise in using forensic tools and software

• Knowledge of operating systems, networking, and common protocols to understand and analyze digital evidence.

• Proficiency in scripting languages (e.g., Python, Bash,SQL) for automating forensic tasks.

3. Attention to Detail

• Meticulous approach to collecting, preserving, and analyzing digital evidence.

• Ensures the accuracy and integrity of evidence to withstand legal scrutiny.

4. Problem-Solving Skills

•Ability to think critically and solve complex problems related to cyber incidents.

• Innovative in developing solutions to new and emerging cybersecurity threats.

5. Communication Skills

•Strong written and verbal communication skills for documenting findings and reporting to stakeholders.

• Ability to explain technical details to non-technical audiences, including management and legal teams.