Principal Industrial Incident Responder

Remote - USA

Applications have closed

Dragos, Inc.

Dragos secures industrial assets across vertical industries. Learn more about how we protect critical industries to reinforce ICS/OT cybersecurity around the world.

View company page

The Dragos Global Services team serves as industry-leading experts in solving industrial control system security challenges. We then bring that expertise back and integrate it with our software technology: The Dragos Platform. We're looking for hands-on industrial control system knowledge and network security experience. You will provide tactical and strategic recommendations to mitigate cybersecurity vulnerabilities related to the network design, configuration, and inter-connectivity of operational technology. We're seeking a Principal Industrial Incident Responder to join our team in the US. Our ideal candidate will have a working knowledge of incident response, intrusion analysis, hunting, and a variety of industrial software and hardware within electric, oil and gas, or advanced manufacturing verticals.
This role requires up to 50% travel, both domestic and international.

Responsibilities

  • Serve as a lead for incident response retainer customers which includes onsite/offsite activities to triage and analyze within industrial environments
  • Lead hunts and strike teams within industrial environments including initial planning, execution, and reporting while providing ad hoc guidance, training, and mentoring
  • Responsible for accurate customer deliverables such as forensic reports, findings recommendations, presentations, and the generation of playbooks and other content
  • Support the buildout of the industrial incident response practice to meet the requirements of a growing team and customer base
  • Design and execute tabletop exercises (TTXs) and incident response planning workshops that follow Dragos guidelines

Requirements

  • 7+ years of hands-on experience in cybersecurity incident response/digital forensics (DFIR) and intrusion analysis
  • Experienced in forensics in at least two of the fields of network, memory, or disk with strong knowledge of the other field (with a focus on methodology over specific tools)
  • Ability to lead an investigation from start to finish including pivoting between data types, correlating events together, and proactively hunting for and identifying malicious activity
  • Confidence in using and administering Windows and Linux operating systems
  • In-depth knowledge of networking concepts (TCP/IP, Ethernet, etc.) and configuration, rule creation for common security tools (e.g. Wireshark, Snort/Suricata, Zeek, Yara, Sigma), and the analysis of and interaction with industrial network protocols
  • Ability to share on-call responsibilities including non-standard hours, unplanned remote and onsite response efforts
  • Prior experience in a role as an incident strike team/task force lead with a background in training junior staff members in DFIR methodologies

Compensation

  • Salary: $160,000
  • Base + Benefits + Equity = $260,000
  • Equity is communicated in USD and to minimize confusion, this will be discussed on the first call with the Dragos recruiter.  Employees receive equity that starts vesting on your first day and have an opportunity to earn additional equity
Dragos is the Industrial Cybersecurity expert on a relentless mission to safeguard civilization. In a world of rising cybersecurity threats, Dragos protects the most critical infrastructure – those that provide us with the tenets of modern civilization – from increasingly capable adversaries who wish to do it harm. Devoted to codifying and sharing our in-depth industry knowledge of ICS/OT systems, Dragos arms industrial defenders around the world with the knowledge and tools to protect their systems as effectively and efficiently as possible. Founded by world-class industrial intelligence experts, Dragos has the industry’s largest team of ICS/OT practitioners who have been on the front lines of the world’s most significant industrial cyber-attacks. Diversity, Equity, and Inclusion are core values at Dragos, and we are passionate about building and sustaining an inclusive and equitable working environment for all. We know that every member of our team enriches our diversity by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and discover, design, and deliver solutions. Not only does a Diversity, Equity, and Inclusion focus enrich our environment and teams, but it is also critical to our success as we defend against adversaries all over the world. The broad range of ideas, experiences, and perspectives is critical to our success. Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment including annual and client-requested ad hoc drug screens.
#LI-JF1 #LI-REMOTE

Tags: Forensics ICS Incident response Industrial Linux Network security Snort TCP/IP Vulnerabilities Windows

Perks/benefits: Equity Startup environment Team events

Regions: Remote/Anywhere North America
Country: United States
Job stats:  9  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.