Senior Incident Response Analyst

Responsibilities

• Work under the direction of IR lead and outside counsel to conduct IR investigations

• Fulfill consumer requests and resolve incidents received via e-mail or internal ticketing systems in a timely and detail-oriented manner

• Guide all consumer interactions professionally with a strong emphasis on consumer satisfaction

• Assess and assess security incidents and escalate to appropriate internal teams for additional assistance

• Triage and scope incidents for prospective consumers to identify the DFIR objectives and magnitude of effort involved to satisfy objectives

• Provide strategic relevant and achievable recommendations to help advance the security posture of organizations during and after an incident

• Communicate effectively with consumers (executives and IT) on the topics of incident type remediation forensics and assessment

• Perform host and network-based forensics across Windows Mac and Linux platforms as well as cloud environments

• Deliver high-quality written and verbal reports recommendations and findings to key stakeholders including consumers and legal counsel

• Participate in or work directly on additional projects assignments or initiatives as required

• Mentor and coach team members and work effectively as part of team unit

• Develop evaluate and utilize novel methods to hunt for indicators of compromise and perform assessment across large sets of data

• Assist in the development of internal guidelines playbooks and knowledge base

• Demonstrate industry thought guidance through blog posts and occasional public speaking events

Skills and Qualifications

• 3-5 years of professional experience (2 years directly related to IR or functional area) or equivalent combination of education and experience

• Bachelor's degree in digital forensics cybersecurity computer science information systems or similar field

• Working as part of a team in a remote matrixed consulting environment

• Incident Response: conducting or overseeing IR investigations for organizations answering to opportunistic and targeted threats such as BECs FTFs ransomware and APTs

• Digital Forensic Analysis: a background in using different forensic assessment tools in incident response investigations to ascertain the extent and scope of compromise and possessing creativity and reason in approaching intricate forensic problems

• Incident Remediation: strong knowledge of opportunistic and targeted attacks and aptitude to generate customized strategic and tactical remediation plans for consumers

• Network Forensic Analysis: strong knowledge of networking protocols network assessment tools and aptitude to perform assessment of associated network logs

• SOC and EDR: experience with EDR solutions and leveraging detections and analytics to mitigate threats appropriately

• Possessing a knowledge of secure network architecture and a strong knowledge of networking fundamentals

• Cloud Incident Response: knowledge in AWS Azure GCP incident response strategies

Bonus Points

• Excellent critical thinking skills with the experience to diagnose and troubleshoot technical issues

• Customer oriented with a strong interest in consumer satisfaction

• Experience to learn new technologies and concepts and comfortable using command-line interfaces

• Experience guiding teams of highly motivated analysts

• Communicate highly technical information to a non-technical audience

• Experience to handle and work with consumers through high priority scenarios

• Knowledge in project management

• Foster a positive work environment and attitude

• Flexibility with your work schedule in times of urgent response needs

• Contribute to thought guidance within the DFIR industry

• GCIH GCIA GCFA GCFE ACE EnCE CFCE CISSP or similar

Perks

• 100% medical dental and vision coverage

• Flexible PTO policy

• Annual home office stipend and WeWork access

• Mental & physical health wellness programs (One Medical Headspace Gympass and more)!

• Competitive compensation and opportunity for advancement