Full-Time
DFIR Analyst
Autonomous endpoint protection software
Junior
Remote + 1 more
- 2+ years of hands-on consulting experience in threat hunting, digital forensics, and incident response
- An ideal candidate would have notable speaking engagements and publications in the industry and/or be an active participating member within the industry
- Evident self-starter with intellectual curiosity and the ability to adapt to change
- Expert level experience with forensic investigative software (Axiom Cyber preferred)
- Experience with EDR/XDR platforms (SentinelOne preferred)
- Experience conducting dynamic malware analysis and an understanding of the reverse engineering process
- Experience with memory analytics (Volatility preferred)
- Experience or knowledge of conducting endpoint-based threat hunting (compromise assessments)
- Experience working with cyber threat intelligence platforms and the threat intelligence process from raw attack data to finished intel and publications
- Scripting ability (Python preferred)
- Accountable to ensure excellence in every engagement, to include scoping, forensic analysis, reporting, hunting, remediation consulting, and client communication
- Contribute as a lead investigator for engagements. Manage all aspects of a breach response and containment investigation
- Technical investigative skills must include host-based forensic analysis, EDR-driven incident response, malware analysis, memory analytics, and network log investigations
- Provide detailed and impactful formal investigative reports, to include technical findings and security improvement recommendations
- Provide additional IR services, to include:
  - Incident Response Assessments
  - Table-top exercises
  - Purple-teaming
- Work closely with the threat intelligence team to pursue attribution, identify attack trends, innovative malicious TTPs, and contribute to community-facing publications and blogs
- Adopt and follow our core values amongst the team:
  - Trust - We earn our clients' trust via technical expertise and a customer-first mindset
  - Accountability - Every team member contributes to our group success via diligently fulfilling their assigned duties
  - Collaboration - The Vigilance DFIR team works closely together and with our threat intelligence, research, MDR, and product teams to make every engagement a success
  - Relentlessness - We will leave no stone unturned to provide outstanding service and fulfill our clients' needs
  - Ingenuity - If no tool exists to enable our investigations and hunts, then we will create one. There is always a way to improve existing methodologies
  - Community - The Vigilance team supports each other as we grow and improve ourselves and our service
SentinelOne is on a mission to defeat every attack, every second, of every day. The company's Singularity Platform instantly defends against cyberattacks – performing at a faster speed, greater scale, and higher accuracy than possible from any single human or even a crowd.
Company Stage
N/A
Total Funding
$796.5M
Headquarters
Mountain View, California
Founded
2013
6 month growth
↑ 10%
1 year growth
↑ 19%
2 year growth
↑ 79%
Benefits
Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
Unlimited PTO
Industry leading gender-neutral parental leave
Paid Company Holidays
Paid Sick Time
Employee stock purchase program
Disability & life insurance
Employee assistance program
Gym membership reimbursement
Cell phone reimbursement
Numerous company-sponsored events