Senior Incident Response Analyst

US-Remote (Work From Home)
2 weeks ago
ID: 2017-1549
# of Openings: 2
Category: SERT

Overview

The main responsibility of the Senior Incident Response Analyst is to perform incident response activities pertaining to a client incident with little to no supervision. Travel to client sites for triage, forensic image acquisition and analysis may be required on short notice. The analyst must be able to correlate event data from multiple sources (Intrusion Detection Systems (IDS), network device logs, server logs, application logs, etc.) to understand incident details. The analyst will be expected to produce quality technical reports that identify indicators of compromise and associated risk factors and recommend mitigation strategies. As a secondary but critical responsibility, the analyst will be expected to develop and conduct training concerning incident response best practices for client and internal team consumption. The analyst must also be willing to work on call.

Responsibilities

  • Develop curriculum and conduct training courses in network and application security, malware analysis and incident response for client consumption as well as internal team development
  • Lead security incident response investigations that require log, forensic and malware analysis
  • Provide direct litigation support efforts by acquiring, minimizing, searching and producing electronic evidence for client legal counsel as well as serving as an expert witness as needed
  • Follow and contribute to development of Critical Incident Response operating procedures
  • Set bold and aggressive standards that raise the bar on performance while maintaining a consistent and high level of productivity
  • Coordinate efforts with client Incident Response Team, management and client third party vendors as well as Solutionary internal teams
  • Perform full, partial, live or dead data acquisition in a forensically sound manner following evidence preservation and chain of custody procedures
  • Document and organize all timelines, communications, findings and recommendations concerning an engagement
  • Prepare written communications and reports for delivery to clients
  • Work with clients to assess their current incident response policies/capabilities and provide written and verbal feedback for improvement
  • Develop and perform tabletop exercises with client incident response team to evaluate their capability to activate and follow their response plans and provide written and verbal feedback for improvement

Qualifications

REQUIREMENTS:

  • B.S. in Information Technology, Information Security or related technical discipline and 5+ years in digital forensics, malware analysis and incident response
  • Must be detail oriented and customer service focused
  • Possess excellent verbal and written communication skills
  • Experience in performing forensic analysis from Linux, Windows and Mac operating systems as well as various mobile platforms
  • Have practical, hands-on experience and possess a good understanding of several common security tools, such as a SIEM, IDS, DLP, WAF, as well as host and network forensics tools
  • Proven ability to address advanced threats targeting large enterprises, such as APT, and be well versed in the tools, tactics, and procedures used by such actors
  • Proven subject matter expertise in relevant areas, such as incident response, intrusion analysis, incident handling, or malware analysis
  • Able to identify and document Indicators of Compromise (IOC)
  • One or more of the following is desired: GCIH, GCFA, ACE, or EnCE
  • Ability to work well independently as well as in a remote team environment

REWARDS:

Employees enjoy working in a business casual environment with a comprehensive benefits package including Medical, Dental, Vision, Life and Disability insurance, as well as flexible spending and 401k plans and a generous paid time off program.

Pre-employment background check and drug test are required.

Equal Opportunity Employer Veterans/Disabled and other protected categories.

Position is available in our Corporate Office in Omaha, NE or as a Work from Home Opportunity anywhere in the United States.
