SANS ISC: InfoSec Jobs

This listing has expired and therefore is not publicly viewable.

Specialist, Incident Response
Company: Deloitte
Location: London
Preferred GIAC Certifications: GCIH, SANS 402
Travel: 50%
Salary: Not provided
Contact Name: MShrewsbury
Contact Email: mshrewsbury/at/
Expires: 2020-10-21

Job Description

Position summary
Your opportunity
Have you ever wanted to be on the frontlines of cyber-defense? The Deloitte Global Incident Response (GCIR) team is the last line of defense against adversarial activity. We are the tip of the spear in helping to shape cyber-defense strategy as it relates to incident response and recovery at a large Fortune 100 organization.

The Deloitte Global Cybersecurity function is responsible for the firm’s overall objectives of enhancing data protection, standardizing and securing critical infrastructure and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of cybersecurity services to Deloitte member firms through regional delivery hubs and a Global Fusion Center. We are seeking a Specialist – Incident Response to join the team.

We encourage consideration of flexible ways of working, both formal and informal arrangements that allow for the best outcomes for our people and our clients. If this opportunity is of interest to you with some flexibility, please do discuss with us.

Your role
The Specialist – Incident Response reports to the Global Incident Response Manager. The role serves as the main incident responder performing technical services for cyber security incident investigations and assessing scope of incident damage.

Assists in preparation of internal and external communications
Assists with collection & preservation of incident evidence
Provides physical security of collected data and devices
Provides recommendations to resolve incident and/or reduce impact of incident, to bypass and/or prevent future similar incidents
Provides technical services needed for cyber incident response investigations, including containment, eradication and remediation activities
Assists with assessing scope of the incident damage
Assists in determination of incident severity
Assists with maintaining documentation throughout a cyber incident
Assist in the drafting of post-incident reports to senior leadership to convey impact, origin, root cause, and remediation
Perform incident response services including, but not limited to, collection, documentation, preservation and analysis of incident evidence
Relationship Management
Maintains on-call availability for a 24x7x365 coverage
Coordinating shift hand-offs between different team members and/or locations
Establish and maintain strong working relationships with all teams required to support incident response including other enabling areas and member firms
Your work, your choice
At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk. We carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. Please speak to your recruiter about the working pattern that works best for you.

Location: London.

Work pattern: This is a permanent contract opportunity. The role can be worked on a full-time basis. Our team members work a variety of agile working patterns. Tell us what arrangement works for you and we’ll try to accommodate.

Incident response is an unpredictable line of business and may, on rare occasion, require a shift in normal working hours. We place a strong emphasis on finding ways to ensure a healthy work/life balance.

Your professional experience
We seek individuals that are passionate about learning and sharing their knowledge with others.

Strong commitment to teamwork in a diverse & inclusive culture
Operational knowledge of the Windows platform
Experience with one or more of the following technologies: Cylance, cloud technology (O365\Azure\AWS\GCP), and/or Splunk
Experience, knowledge or willingness to learn in the following: incident response, digital forensics, & malware analysis
BA/BS Degree or equivalent
Linux, & Mac OS
Experience with technologies such as (AV, IDS, Firewalls, Proxy, etc.)
Experience in the fields of malware reverse engineering and/or threat intelligence
Experience with the ServiceNow ticketing platform
Training/certifications preferred, but not required:
GIAC Certified Incident Handler (GCIH)
SANS FOR498: Battlefield Forensics & Data Acquisition
SANS SEC488: Cloud Security Essentials
Certified Ethical Hacker (CEH)
ISC2 Certified Information Systems Security Professional (CISSP)
Non-technical: Expert witness training
Non-technical: SANS SEC402 Cybersecurity Writing: Hack the Reader
The ideal candidate would be able to clearly document and articulate the progression of an investigation as well as recommended next steps
Your service line: Deloitte Global
Across disciplines and across borders, Deloitte Global supports our network of member firms by developing and driving global strategy, programs, and platforms, and creating new solutions and transformational experiences. Deloitte Global professionals make an impact that matters to the world of Deloitte. We share a passion for igniting change and a strong service orientation that shapes our organization and those it supports.

Personal independence
Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm. The recruitment team will provide further detail as you progress through the recruitment process.

About Deloitte

Our Purpose & Strategy
To make an impact that matters for our clients, our people and society - defines who we are and what we stand for. Our purpose provides the foundation for our strategy and our aspiration to be the undisputed leader in professional services: this is not about size, it's about being the first choice. The first choice for the largest and most influential clients, and the first choice for the best talent.

What do we do?
Deloitte offers global integrated professional services that include Audit & Assurance, Consulting, Financial Advisory, Legal, Risk Advisory and Tax Consulting. Our approach combines intellectual leadership, industrial expertise, insight, consulting & problem solving capabilities whatever the role, technology revolutions and innovation from multiple disciplines to help our clients excel anywhere in the world.

Beyond the UK: Deloitte North and South Europe
The UK is part of Deloitte North and South Europe (NSE), the second largest member firm in the Deloitte network. Deloitte NSE combines operations in Belgium, Central Mediterranean (Italy, Greece, Malta), Ireland, the Middle East (Bahrain, Cyprus, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Oman, Palestinian Ruled Territories, Qatar, Saudi Arabia, United Arab Emirates, Yemen), the Netherlands, the Nordics (Denmark, Finland, Iceland, Norway and Sweden), Switzerland and the UK. Deloitte NSE brings together 2,700 partners and over 50,000 people, combining our unmatched breadth and depth of capabilities in audit and assurance, consulting, financial advisory, risk advisory, and tax and legal across the region. Being part of Deloitte NSE supports our aspiration to be the undisputed leader in professional services and will create more opportunity and growth for our people.

What do we value?
What brings us all together at Deloitte? It’s how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for maximum impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most.

Being a Leader at Deloitte
Cultural fit and purpose-led leadership are crucial for Deloitte. Our leaders always set the example and inspire their colleagues. They make quality time for people and take an interest in them. They know what matters to people - both inside and outside work - and value them as individuals, always finding opportunities to develop them while showing respect and appreciation.

We expect colleagues at all levels to embrace and live our purpose and our leadership culture by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. We know leadership comes in all shapes and sizes, but our Leadership Charter helps all of our people understand what we’re looking for:
We live our purpose: we act as a role model, embracing and living our purpose and values, and recognising others for the impact they make
We develop talent: we develop high-performing people and teams through challenging and meaningful opportunities
We drive performance: we deliver exceptional client service; maximise results and drive high performance from people while fostering collaboration across businesses and borders
We believe positive influence can make an impact that matters: we influence clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people
We move, together, towards a strategic direction: we understand key objectives for clients and Deloitte, aligning people to objectives and setting priorities and direction.


Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and its registered office at 1 New Street Square, London EC4A 3HQ, United Kingdom.
Deloitte LLP is the United Kingdom affiliate of Deloitte NSE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"). DTTL and each of its member firms are legally separate and independent entities. DTTL and Deloitte NSE LLP do not provide services to clients. Please see to learn more about our global network of member firms.