Senior Incident Response Analyst

Responsibilities

• Work under the direction of IR lead and outside counsel to conduct IR investigations
• Fulfill consumer requests and resolve incidents received via e-mail or internal ticketing systems in a timely and detail-oriented manner
• Guide all consumer interactions professionally with a strong emphasis on consumer satisfaction
• Assess and assess security incidents and escalate to appropriate internal teams for additional assistance
• Triage and scope incidents for prospective consumers to identify the DFIR objectives and magnitude of effort involved to satisfy objectives
• Provide strategic, relevant, and achievable recommendations to help advance the security posture of organizations during and after an incident
• Communicate effectively with consumers (executives and IT) on the topics of incident type, remediation, forensics and assessment
• Perform host and network-based forensics across Windows, Mac, and Linux platforms as well as cloud environments
• Deliver high-quality written and verbal reports, recommendations, and findings to key stakeholders including consumers and legal counsel
• Participate in, or work directly on additional projects, assignments, or initiatives as required
• Mentor and coach team members and work effectively as part of team unit
• Develop, evaluate and utilize novel methods to hunt for indicators of compromise and perform assessment across large sets of data
• Assist in the development of internal guidelines, playbooks and knowledge base
• Demonstrate industry thought guidance through blog posts and occasional public speaking events

Skills and Qualifications

• 3-5 years of professional experience (2 years directly related to IR or functional area) or equivalent combination of education and experience
• Bachelor’s degree in digital forensics, cybersecurity, computer science, information systems or similar field
• Working as part of a team in a remote matrixed consulting environment
• Incident Response: conducting or overseeing IR investigations for organizations, answering to opportunistic and targeted threats such as BECs, FTFs, ransomware and APTs
• Digital Forensic Analysis: a background in using different forensic assessment tools in incident response investigations to ascertain the extent and scope of compromise and possessing creativity and reason in approaching intricate forensic problems
• Incident Remediation: strong knowledge of opportunistic and targeted attacks and aptitude to generate customized strategic and tactical remediation plans for consumers
• Network Forensic Analysis: strong knowledge of networking protocols, network assessment tools, and aptitude to perform assessment of associated network logs
• SOC and EDR: experience with EDR solutions and leveraging detections and analytics to mitigate threats appropriately
• Possessing a knowledge of secure network architecture and a strong knowledge of networking fundamentals
• Cloud Incident Response: knowledge in AWS, Azure, GCP incident response strategies

Bonus Points

• Excellent critical thinking skills with the experience to diagnose and troubleshoot technical issues
• Customer oriented with a strong interest in consumer satisfaction
• Experience to learn new technologies and concepts and comfortable using command-line interfaces
• Experience guiding teams of highly motivated analysts
• Communicate highly technical information to a non-technical audience
• Experience to handle and work with consumers through high priority scenarios
• Knowledge in project management
• Foster a positive work environment and attitude
• Flexibility with your work schedule in times of urgent response needs
• Contribute to thought guidance within the DFIR industry
• GCIH, GCIA, GCFA, GCFE, ACE, EnCE, CFCE, CISSP, or similar

Perks

• 100% medical, dental and vision coverage
• Flexible PTO policy
• Annual home office stipend and WeWork access
• Mental & physical health wellness programs (One Medical, Headspace, Gympass, and more)!
• Competitive compensation and opportunity for advancement