Principal Industrial Incident Responder
Remote - USA
Applications have closed
Dragos, Inc.
Dragos secures industrial assets across vertical industries. Learn more about how we protect critical industries to reinforce ICS/OT cybersecurity around the world.
The Dragos Global Services team serves as industry-leading experts in solving industrial control system security challenges. We then bring that expertise back and integrate it with our software technology: The Dragos Platform. We're looking for hands-on industrial control system knowledge and network security experience. You will provide tactical and strategic recommendations to mitigate cybersecurity vulnerabilities related to the network design, configuration, and inter-connectivity of operational technology. We're seeking a Principal Industrial Incident Responder to join our team in the US. Our ideal candidate will have a working knowledge of incident response, intrusion analysis, hunting, and a variety of industrial software and hardware within electric, oil and gas, or advanced manufacturing verticals.
This role requires up to 50% travel, both domestic and international.
Responsibilities
- Serve as a lead for incident response retainer customers which includes onsite/offsite activities to triage and analyze within industrial environments
- Lead hunts and strike teams within industrial environments including initial planning, execution, and reporting while providing ad hoc guidance, training, and mentoring
- Responsible for accurate customer deliverables such as forensic reports, findings recommendations, presentations, and the generation of playbooks and other content
- Support the buildout of the industrial incident response practice to meet the requirements of a growing team and customer base
- Design and execute tabletop exercises (TTXs) and incident response planning workshops that follow Dragos guidelines
Requirements
- 7+ years of hands-on experience in cybersecurity incident response/digital forensics (DFIR) and intrusion analysis
- Experienced in forensics in at least two of the fields of network, memory, or disk with strong knowledge of the other field (with a focus on methodology over specific tools)
- Ability to lead an investigation from start to finish including pivoting between data types, correlating events together, and proactively hunting for and identifying malicious activity
- Confidence in using and administering Windows and Linux operating systems
- In-depth knowledge of networking concepts (TCP/IP, Ethernet, etc.) and configuration, rule creation for common security tools (e.g. Wireshark, Snort/Suricata, Zeek, Yara, Sigma), and the analysis of and interaction with industrial network protocols
- Ability to share on-call responsibilities including non-standard hours, unplanned remote and onsite response efforts
- Prior experience in a role as an incident strike team/task force lead with a background in training junior staff members in DFIR methodologies
Compensation
- Salary: $160,000
- Base + Benefits + Equity = $260,000
- Equity is communicated in USD; to minimize confusion, it will be discussed on the first call with the Dragos recruiter. Employees receive equity that starts vesting on their first day and have an opportunity to earn additional equity.
Tags: Forensics ICS Incident response Industrial Linux Network security Snort TCP/IP Vulnerabilities Windows
Perks/benefits: Equity Startup environment Team events
Regions: Remote/Anywhere, North America
Country: United States