
Senior Incident Response Analyst

Operations | REMOTE - US | Full Time

Job Description

About Us:

[redacted] is the mission-driven cloud security company for organizations that want to level the playing field against attackers. Our state-of-the-art platform and advanced threat intelligence and response capabilities, delivered by the world's top security experts, disrupt adversaries and protect our clients’ businesses. 

We deliver organizations of all sizes layered defense and orchestrated response through a packaged suite of security technologies and services designed to address the full spectrum of cybersecurity needs. 

[redacted] was founded in 2015 by a team with deep government and private sector experience and is backed by Ten Eleven Ventures, Valor Equity Partners, Vy Capital, and SVB Capital.

General Description:

The Senior Incident Response Analyst will work under the Incident Response Lead to perform emergency response to cyber incidents for [redacted]'s customers, and will work on projects that support incident response efforts. The Senior Incident Response Analyst must have superb analytic and communication skills, the ability to think clearly during rapidly changing, high-pressure situations, and experience conducting incident response efforts.

Responsibilities:

  • Serve as the relief Incident Commander and interface with clients when the Incident Response Lead is unavailable or when running multiple events simultaneously
  • Collect, triage, and analyze forensic artifacts from client networks
  • Analyze logs collected from client networks
  • Leverage various EDRs to respond to incidents, including proactively hunting client networks for the duration of the incident
  • Assist in developing policies and procedures to guide [redacted]'s incident response practice
  • Work an on-call rotation to triage incoming incidents after hours
  • Work irregular hours in accordance with on-call schedule and incident demands

Required Qualifications:

  • Minimum of five years of experience in information security, with at least two years in security operations (incident response experience preferred)
  • Experience communicating complex technical topics to senior management or clients
  • Strong system administration skills across multiple operating systems.
  • Experience investigating Windows, Linux, macOS, and mobile endpoints, as well as cloud environments
  • Applied knowledge of the Incident Response Lifecycle, the Cyber Kill Chain, and the MITRE ATT&CK Framework
  • Experience performing log analysis over disparate data sources using enterprise log aggregation tools
  • Experience with endpoint detection and response software such as Carbon Black, Tanium, FireEye HX, CrowdStrike Falcon, etc.
  • Experience creating novel alerts and detections based on independent research or threat intelligence ingestion
  • Demonstrated experience and competence in malware analysis, host forensics, memory forensics, and network forensics, with specialized knowledge in at least one of those fields.

Preferred Qualifications:

  • Preference given to candidates in the Asia-Pacific region in order to support 24-hour operations
  • Experience coordinating an incident and/or leading a team during an incident
  • Experience with static and dynamic malware analysis techniques, including skill in binary analysis using tools such as IDA, Ghidra, or x64dbg
  • Experience performing disk forensics using tools such as FTK, Axiom, or EnCase
  • Experience analyzing forensic artifacts (registry, MFT, etc) independent of a disk image
  • Experience performing memory forensics using Volatility
  • Experience in network forensics, including analysis of NetFlow, file carving from PCAP, and custom protocol reverse engineering and analysis
  • Experience administering security appliances
  • Experience in a scripting language such as Python

Perks:

We’re focused on creating the best experience for you through a holistic approach to benefits and perks. We work hard to make sure you have the best care and resources to thrive at all stages of your life, both inside and outside of Redacted.

Here’s a snapshot of some of the benefits we offer:

  • Medical, dental, and vision insurance to keep you and your family healthy.
  • 401k plan to help you plan for the future.
  • Generous home office and monthly internet reimbursements.
  • Flexible leave policy - take time off when you need it.
  • Competitive parental leave policy (up to 6 months of fully paid parental leave).
  • Pre-tax savings plans for health care, public transportation, and parking expenses.
  • Short-term and long-term disability benefits and life insurance.
  • Wellness program that provides monthly points that can be used for mind, body, and soul activities, discounts, and gift certificates.

Additional Information:

Redacted is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.

Redacted will consider qualified applicants with arrest and conviction records for employment in a manner consistent with applicable laws.

Salary range for CO-based applicants: $36-200k, depending on experience level.