The Senior Associate, Incident Response - Forensics at Starcom Mediavest Group is responsible for managing and responding to cybersecurity incidents. This role involves forensic investigations, collaboration with legal and business teams, and presenting findings to senior executives.
Company Description
Publicis Re:Sources is the backbone of Publicis Groupe, the world's most valuable agency group. We are the only full-service, end-to-end shared service organization in the industry, enabling Groupe agencies to do what they do best: innovate and transform for their clients. Formed in 1998 as a small team to service a few Publicis Groupe firms, Publicis Re:Sources has grown to 5,000+ employees in over 66 countries. We provide technology solutions and business services including finance, accounting, legal, benefits, procurement, tax, real estate, treasury and risk management. We continually transform to keep pace with our ever-changing communications industry and thrive on a spirit of innovation felt around the globe. Learn more about Publicis Re:Sources and the Publicis Groupe agencies we support at http://www.publicisresources.com/.
The Publicis Re:Sources Guiding Principles define who we are and what we stand for. They reflect the mindset and behaviors that shape how we work, how we support one another, and how we drive progress together.
• People First, Driving Success Together
• Problem Solving Mindset
• Respect Each Other
• Partner and Collaborate as One Team
• Commit to Quality and Standards
• Innovate and Embrace the Future
Job Description
The Senior Associate, Information Security - Forensics is part of a global team and is responsible for incident response of cyber security incidents that are associated with our businesses, clients, and vendors; is technically skilled and ensures incident containment, remediation, and closure. This individual will be expected to work closely with the legal, data privacy, business, and client teams. They should be comfortable with interacting with senior executives including C-level staff.
Responsibilities
• Lead investigation of cyber security incidents of higher severity
• Analyze compromised/potentially compromised systems
• Coordinate evidence/data gathering and document security incident reports
• Manage, review and present written and oral reports in a pertinent, concise, and accurate manner for distribution to management
• Maintain security processes such as application security, vulnerability management and incident response
• Maintain current knowledge of tools and best practices in advanced persistent threats, tools, techniques, procedures of attackers, forensics, and incident response
• Perform complex forensic investigations into system breaches, data leaks, and system weaknesses
• Provide technical expertise to staff on security incident monitoring, triage, response, threat & vulnerability management, and security analysis
• Provide strategic direction on types of Incident Management activities that will drive efficiencies across the company
Qualifications
• 4 or more years of experience in an analytical role as a forensics analyst (Linux, Windows, or macOS), threat analyst, incident responder or security engineer/consultant
• Experience with forensic investigation tools such as FTK, EnCase, Sleuthkit
• Experience with cloud environments such as Azure, AWS, GCP
• Familiarity with the MITRE ATT&CK or related frameworks
• Experience developing and managing incident response programs
• Proficient in EDR - CrowdStrike and/or SentinelOne
• Proficient in social engineering, phishing, and related fraud schemes
• Understanding of how real-world exploits work and how attackers move laterally between internal systems and establish persistence
• Strong general knowledge of security concepts and expertise in network and web application security issues
• Experience with a scripting language such as Python, Bash, PowerShell, or other scripting language in an incident handling environment
Additional Information
All your information will be kept confidential according to EEO guidelines. This job description in no way states or implies that these are the only duties to be performed by the employee(s) currently in this position. Employee(s) will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. A review of this position has excluded the marginal functions of the position that are incidental to the performance of fundamental job duties. All duties and responsibilities are essential job functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbent(s) will possess the skills, aptitudes, and abilities to perform each duty proficiently. Some requirements may exclude individuals who pose a direct threat or significant risk to the health or safety of themselves or others. The requirements listed in this document are the minimum levels of knowledge, skills, or abilities. This document does not create an employment contract, implied or otherwise, other than an "at-will" relationship.
Employment Type: Full-time
The Incident Response Project Manager at Abacus Group will lead client-facing projects within the Incident Response team, ensuring successful project deliverables and effective communication with clients. This remote role requires strong project management skills and technical knowledge in IT systems and incident response.
Semperis is seeking a Senior Incident Response Consultant to join their Breach Planning & Response team in Dallas, Texas. The role involves delivering breach preparedness services and leading incident response efforts for clients.
FTI Consulting is seeking a Senior Consultant/MS Office 365 Administrator to lead cybersecurity engagements and infrastructure remediation efforts. This role involves hands-on recovery from cyber incidents and the reconfiguration of Microsoft 365 environments.
Regscale is seeking a Cyber Security Engineer IV to enhance system security and manage incident response in a hybrid work environment. This role focuses on Azure cloud security and automation, requiring strong collaboration with engineering teams.
JPMorgan Chase is seeking a Lead Security Engineer to enhance software security through Endpoint Detection and Response Engineering in Westerville, Ohio. The role involves conducting vulnerability assessments, collaborating with various teams, and implementing security solutions.