Consultant, Incident Response Consulting - Secureworks
Remote - Connecticut, United States (All Other)
Applications have closed
Dell Technologies
Dell bietet Technologielösungen, Services und Support. Notebooks, Touchscreen-PCs, Desktop-PCs, Server, Speicher, Monitore, Gaming und Zubehör kaufenConsultant, Incident Response Consulting
This position requires up to 20% travel.
On call is required once every eight weeks.
Location: This is a remote position with a preference for West Coast candidates.
About Secureworks
Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.
We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
This is a senior level Incident Responder consulting position focused on the delivery of emergency incident response services. This involves supporting customers by managing the technical and non-technical aspects of cyber incident response, conducting investigative analysis using digital forensics methods to determine the nature, scope, and root cause of cyber breaches, formulating recommendations for security posture enhancement, and developing tailored remediation plans.
The Incident Responder will be required to deliver a range of incident readiness services. These services include cyber threat hunting to help customers identify unknown compromise activity and gaps in their cybersecurity controls, as well as workshops, training courses, and exercises to help customers proactively improve their incident readiness.
Role Responsibilities
- Serve as a trusted advisor and subject matter expert to customers and guide customers' senior leadership through managing business impacts and risk mitigation associated with a cyber incident or data breach ensuring customer satisfaction.
- Act as the incident commander in specific engagements and lead company remediation functions coordinating with IR and Threat Intelligence delivery teams to handle inquiries, briefings, and customer-facing status reports in a variety of formats.
- Develop incident response containment plans and remediation strategies; present strategic and tactical plans both orally and in written reports for customers and all involved third parties.
- Serve as subject matter expert in digital forensics and incident response (DFIR).
- Perform complex incident response investigative analysis and develop assessments based on the analysis of host, network, and cloud digital artifacts.
- Document analysis findings and develop recommendations to present both orally and in written reports to customers.
- Develop tailored incident response remediation plans for major cyber incidents to direct customer containment and recovery efforts.
- Conduct assessments of client readiness to respond to incidents, including designing and delivering incident response exercises to test client incident response plans; review the assessments of other consultants.
- Develop detailed incident response plans and playbooks based on client needs.
- Design and deliver incident response exercises to test client incident response plans; oversee the delivery of exercises by other consultants.
- Manage urgent and critical interactions with customers.
- Lead scoping calls with customers and prospects.
- Maintain professional, calming, and authoritative presence during a crisis.
- Participate in a 24x7 on-call rotation for supporting requests from global incident response customers.
- Travel as needed to assist customers with on-site incident response efforts.
Required Skills
- Minimum of 8 years of advanced security, digital and network forensics experience
- Minimum of 5 years of experience with one or more of the following tools: Encase, FTK, X-Ways, F-Response, Volatility, Open-Source Forensics Tools
- Minimum of 2 years of experience with one or more of the following endpoint detection and response tools: Microsoft Defender, Sentinel One, Crowdstrike, Carbon Black.
- Bachelor's degree in computer science, information systems, information assurance, or equivalent work experience
- Minimum of one or more of the following certifications: GREM, GCFA, GCFE, CISA or CISSPGCIH, GCFE, GCFA, GREM or similar certifications
- Strong communication skills (oral and written)
- Experience briefing senior-level leadership and conveying technical information to audiences of varying backgrounds and skill levels.
- Ability to prioritize urgent tasks and work multiple consulting engagements concurrently.
- Desire to work with customers to solve complex cybersecurity issues, including during crisis situations.
Theoretical and practical knowledge in the following areas:
- Windows and Linux operating systems
- AWS, Azure (including Microsoft 365), and GCP
- Exploits, vulnerabilities, intrusion vectors, and malware
- Tactics, techniques, and procedures (TTPs) commonly employed by threat actors
- Host forensics, network forensics, and malware analysis techniques
- Network traffic analysis, endpoint activity analysis, and log analysis techniques
- Enterprise cyber incident management and response processes
- Enterprise cybersecurity controls and failure modes
- Modern Enterprise Detection and Response (EDR) tools.
Secureworks is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AWS Azure Carbon Black CISA Cloud Computer Science CrowdStrike DFIR EDR EnCase Exploits Forensics GCFA GCFE GCP GREM Incident response Linux Log analysis Malware SaaS Sentinel Threat intelligence TTPs Vulnerabilities Windows XDR
Perks/benefits: Career development Competitive pay
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs