Key skills
AWSAzureCloudGoogle Cloud PlatformLinuxGCPGoogle CloudLeadershipProject ManagementTeam Leadership
About this role
Role Overview
- Lead incident response engagements
- Perform initial triage and scoping for prospective clients to understand the client objectives and level of effort involved to complete objectives.
- Effectively communicate with executives on the topics of forensics and malware analysis
- Develop and use new methods to hunt for bad actors across large sets of data.
- Work under the direction of outside counsel to conduct intrusion investigations
- Coach and mentor junior analysts on performing host and/or network-based forensics across Windows, Mac, and Linux platforms.
- Provide strategic, applicable, and feasible recommendations to help mature the security posture of organizations during and after an incident.
- Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel.
- Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.
Requirements
- Team leadership experience in a matrixed consulting environment
- Incident Response: experience conducting or managing incident response investigations for organisations, investigating targeted threats such as the Advanced Persistent Threat, Organised Crime, and Hactivists.
- Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
- Network Forensic Analysis: strong knowledge of network protocols, network analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs.
- Reverse Engineering: ability to understand the capabilities of static and dynamic malware analysis.
- Incident Remediation: strong understanding of targeted attacks and able to create customised tactical and strategic remediation plans for compromised organisations.
- Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations.
- Cloud Incident Response: knowledge in any of the following areas: AWS, Azure, GCP incident response methodologies.
- Capable of completing technical tasks without supervision.
- Desire to grow and expand both technical and soft skills.
- Strong project management skills.
- Contributing thought leader within the incident response industry.
- Ability to foster a positive work environment and attitude.
- Ability to travel on short notice, up to 30% of the time.
Tech Stack
- AWS
- Azure
- Cloud
- Google Cloud Platform
- Linux
Benefits
- Market leader in compensation and equity awards
- Comprehensive physical and mental wellness programs
- Competitive vacation and holidays for recharge
- Paid parental and adoption leave
- Professional development opportunities for all employees regardless of level or role
- Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
- Vibrant office culture with world class amenities
- Great Place to Work Certified™ across the globe