Job Number: R0094701
Incident Response Analyst
Serve as a technical lead and manager for commercial client tasks, including the assessment, design, and implementation of enterprise security prevention, detection, and response capabilities. Lead a diverse team of analysts in conducting event detection, incident triage, incident handling, and remediation. Handle major, high-impact incidents with the ability to generate clear, concise recommendations and coordinate activities and professional communications across a range of stakeholders. Work closely with client security teams to develop, tune, automate, and enhance network and host-based security devices. Support the incident response fly away team with managing the response to client cyber intrusions, performing extensive network and host triage. This position may be located throughout the nation, including San Francisco, CA, San Diego, CA, Los Angeles, CA, Charlotte, NC, Denver, CO, Houston, TX, Dallas, TX, NYC, or the DC Metro area and will require travel of up to 80% of the time to client sites.
- 4+ years of experience with Digital Forensics or Incident Response
- Knowledge of the following security technologies: IDS/IPS, SIEM, Log Management, or Endpoint and response
- Knowledge of cloud environments, including AWS, Azure, or GCP
- Knowledge of incident management and response activities across the incident life cycle
- Knowledge of security tools and techniques used by cybersecurity teams
- Ability to travel up to 80% of the time
- BA or BS degree
- Experience with performing anomaly or malware hunts using a common framework and standard methodology, such as the MITRE ATT&CK framework
- Experience with conducting digital memory acquisition using Volatility, Rekall, or similar tools and extracting malicious binaries for analysis
- Experience with performing static code analysis, such as dissecting suspicious subroutines in assembly
- Experience with scripting languages, such as Perl or Python, in the context of incident response and security operations
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.