Our Global Counter Threat Operations (CTO) team is rapidly expanding, and we are hiring senior level incident response professionals to join our team.
Responsibilities:
- Lead as an Incident Commander during internal incident engagements
- Perform deep network forensics, host forensics, and malware analysis in support of incident investigations
- Produce comprehensive and accurate oral and written reports and presentations for both technical and executive audiences
- Effectively communicate and discuss findings and strategy with internal stakeholders including leadership and technical team members
- Develop scripts, tools, or processes to enhance the CTO team capabilities
Requirements:
- 6+ years of relevant commercial or government security operations work experience.
- Must have one of the following certifications: GCIH/GCFA/GCFE/GNFA/GREM.
- Experience in leading large-scale incidents in an incident commander role.
- Ability to manage multiple priorities in a high-pressure environment.
- Familiarity with Linux and Windows forensic analysis.
- Knowledge of malware families and network attack vectors.
- Experience with the SANS PICERL framework.
- Expertise in Python or Bash scripting highly preferred.
- In-depth knowledge of exploitation, post-exploitation, and attack tools.
- Experience with Firewalls, Intrusion Detection Systems, Antivirus Systems, Proxy, Endpoint Detection & Response tools, SIEM and Mail Gateways.
- Experience performing host, network, and log analysis from a variety of sources and platforms.
- Effective in collaboration with teams in remote offices and globally.