Incident Response Lead

Boston or DC

Recorded Future, Inc.

Posted 2 weeks ago

We’re looking for an expert (7+ years) security professional to lead our newly created investigations team. You’ll contribute to a highly visible cybersecurity operations function with a global impact upon Recorded Future, service ventures, partners, and customers.

What you'll do as an Incident Response Lead:

  • Provide technical leadership and hands-on response & ownership of computer security incidents
  • Research and deploy new technologies to support business objectives related to security detection and response
  • Design and implement new detection technologies along with playbook development and threat hunting.
  • Collaborate with engineers to enhance cloud-based (IaaS, SaaS, etc.) security detection and response
  • Update, modify, and improve existing programs used for security detection, automation, and response.
  • Develop documentation on all custom solutions
  • Regularly review and verify existing metrics to ensure accuracy and quality; annotate existing metrics to improve user understanding
  • Participate in a follow-the-sun on-call rotation

What you’ll bring to the Incident Response Lead role:

  • Excellent communication skills and practiced ability to influence peers, customers, and project teams to make security-minded decisions
  • Expert systems and network administration skills, IT operations
  • Expert in computer security incident handling
  • Expert knowledge of computer security forensics and security vulnerabilities; deep Information Security knowledge and awareness of ongoing threats
  • Some scripting/coding abilities (Python, Regular Expressions) 
  • A solid understanding of networking and core Internet protocols (e.g. TCP/IP, DNS, SMTP, HTTP, and distributed networks).
  • Experience with Linux/UNIX systems and the best practices for securing applications and data on those stacks
  • Infrastructure-as-a-Service platforms (Amazon Web Services, etc.)
  • Agility and flexibility to pitch in where needed and function with a high level of ambiguity and change
  • Ability to creatively solve complex problems in high-stress situations and tight timelines, while delivering results with a tight-knit global team
  • Candidates must be US residents to be considered

Why should you join Recorded Future?
From over 35 nationalities, our Futurists are the perfect recipe of humility, accountability, and collaborative attitudes. Our dedication to empowering clients with elite intelligence to disrupt adversaries has earned us a 4.7-star user rating from Gartner and 8 of the top 10 Fortune 100 companies as clients.

Want more info? 
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future

We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles. By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.

Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.

Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.

Job tags: Automation DNS Forensics IaaS Incident response Linux Python SaaS TCP/IP Threat intelligence Unix Vulnerabilities