New York, NY, USA
Incident Response Associate
Our client is seeking to recruit an Incident Response Associate within the Cyber Security Team. This is a full-time, permanent position and the successful applicant will report directly to the Head of Incident Response.
The Incident Response Associate will lead information security consultancy engagements with our client’s clients, support internal information security programs, drive new revenue and support pre-sales activity. The candidate will be experienced in responding to cyber breaches, performing forensics investigations, and assessing and planning for events. A broad knowledge of information security is essential; this must encompass a good understanding of the practical application of security technology as well as its theory.
The successful candidate will have a technical engineering background with deep information security and forensics experience. Experience delivering information security consulting projects across a range of disciplines into small, medium and enterprise organizations is a must. They will also be a strong communicator who is comfortable interacting with people at all levels from the C-Suite to technical teams.
MAIN DUTIES AND RESPONSIBILITIES
Deliver incident response consulting to our client’s clients across a broad range of industries
Perform host- and network-based cyber breach incident response investigations that include:
    Triage
    Technical evidence collection
    Forensics, log, malware and root cause analyses
Identify attacker tools, tactics and procedures
Develop incident management plans, deliver training, and conduct table-top exercises
Document and maintain internal incident response policies and procedures and support the build and evolution of tools and frameworks
Create client-ready documents and presentations
Perform knowledge transfer across the Cyber Security Team globally
Lead on cyber security pre-breach engagements, which include:
    Information security controls assessments
    Regulatory and compliance assessments
Develop and deliver security awareness training
Contribute to marketing and business development efforts
Document and maintain incident response policies and procedures
Participate in an on-call rotation to provide 24x7x365 client incident coverage
The role will be based in their New York City office.
SKILLS, QUALIFICATIONS, & EXPERIENCE
The qualifications and experience to perform this role successfully are:
Bachelor’s degree in Computer Science (with a focus in security) preferred but not necessary
2-3 years of direct experience in incident response, digital forensics, malware analysis and/or security operations (SOC)
2-3 years of consulting experience or 4-5 years of experience working in a technical infrastructure role
Advanced working knowledge of endpoint, memory and network forensics tools (such as FTK, EnCase, Volatility, SIFT, Wireshark)
Able to perform malware analysis (static and dynamic)
Knowledge of at least one scripting language (like Python, Ruby, PHP or PowerShell) that can be utilized to automate tasks is highly desirable
Excellent writing and presentation skills with the ability to convey complex technical information clearly and concisely and tailored to any audience, including C-suite
Network administration understanding to include configuration of firewalls, switches and routers is preferred
Sound knowledge of security tools such as SIEM, firewalls, IDS/IPS, proxies, AV is preferred
Certifications such as CREST, GNFA, GCFA, GCFE, GCIA, GCIH, GREM, CCIM, EnCE, EnCEP, ACE are highly desirable.
The individual will need to have the following key personal skills and attributes to perform successfully in this role:
First and foremost, must be a good team player
Passionate interest in information security and dedication to continued professional development
Ability to work with little oversight in a rapidly changing, unstructured environment in a small team
Strong analytical and problem-solving skills
Ability to thrive under pressure and work to tight deadlines
Excellent verbal and written communication skills
Ability to respond to incidents during non-business hours
Ability to travel, including internationally
Ability to work innovatively, without compromising on quality.
The successful candidate must have permission to work in the United States by the start of their employment.