December 19, 2017 - Principal Incident Responder Job Opportunity
- Develop and execute security incident response plans and cyber forensics investigations for all reported security incidents.
- Develop comprehensive incident reports and investigation summaries.
- Develop and collect intelligence to proactively detect and identify high-confidence threats to the brand, service, infrastructure and enterprise users and systems.
- Responsible for analyzing/validating security control requirements and tuning, defining the mitigation rules, scripting and performing changes or mitigating attacks, and assisting with troubleshooting support related to any issues which may arise from security detection or protection technologies.
- Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current security capabilities, as well as identifying any gaps or technical solutions to further enhance the team's effectiveness.
- Lead the analysis and review of security events for anomalous activity, and collaborate with the respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats.
- Lead the exploration of practical security solutions to address emerging threats and compliance requirements, including design and implementation of recommended solutions.
- University degree is desirable but not required.
- 10+ years of professional experience in computer forensics/computer security.
Knowledge, Experience & Skills
- Knowledge and real-world experience in any of the following areas will be an advantage: law enforcement organizations, financial companies, SCADA/ICS infrastructure, telecommunications/data center/cloud infrastructure providers.
- Practical experience testifying in court.
Incident response & Computer/Network Forensics Experience & Skills:
- Incident response, digital investigations and computer forensics (including tools such as SANS SIFT, EnCase, FTK, X-Ways, TSK, etc.)
- Enterprise forensics (including tools such as EnCase Enterprise, EnCase Cybersecurity, GRR, F-Response, Volatility, WinPmem, etc.)
- Mobile device forensics (including tools such as Cellebrite, XRY, Oxygen, etc.)
- Malware analysis (including tools such as IDA Pro, radare, OllyDbg, etc.)
- Network traffic analysis and network forensics (including tools such as tcpdump, Wireshark, NetWitness, etc.)
- Log analysis (including tools such as ELK, Splunk, etc.)
- Programming skills: Python, shell scripting, Ruby, Perl, etc.
- Security monitoring technologies and tools: SIEM (enVision, ArcSight, SenSage, Q1, etc.), NIDS/NIPS (Sourcefire, Snort, TippingPoint, etc.)
- System and network administration: Linux, Solaris, HP-UX, Windows network services (DNS, LDAP, RADIUS, NTP, etc.)
- Network administration (Cisco, Juniper, etc.)
- Technical or professional certifications such as EnCE, CEH, GCIH, GCFA, CISA or CISSP, etc.
- Demonstrated ability to manage all facets of a client offering, including presales, steady state maintenance and development, delivery and post-delivery.
- Fluent in English and Spanish.
- High availability to travel internationally.
- Demonstrate innovative and creative thinking as well as problem-solving skills.