Incident Response Associate Our client is seeking to recruit an Incident Response Associate within the Cyber Security Team. This is a full-time, permanent position and the successful applicant will report directly to the Head of Incident Response. The Incident Response Associate will lead information security consultancy engagements with our client’s clients, support internal information security programs, drive new revenue and support pre-sales activity. The candidate will be experienced in responding to cyber breaches, performing forensics investigations, and assessing and planning for events. A broad knowledge of information security is essential; this must encompass a good understanding of the practical application of security technology as well as its theory. The successful candidate will have a technical engineering background with deep information security and forensics experience. Experience delivering information security consulting projects across a range of disciplines into small, medium and enterprise organizations is a must. They will also be a strong communicator who is comfortable interacting with people at all levels from the C-Suite to technical teams. MAIN DUTIES AND RESPONSIBILITIES Deliver incident response consulting to our client’s clients across a broad range of industries Perform host- and network-based cyber breach incident response investigations that include: Triage System recovery Technical evidence collection Forensics, log, malware and root cause analyses Identify attacker tools, tactics and procedures Develop incident management plans, deliver training, and conduct table-top exercises Document and maintain internal incident response policies and procedures and support the build and evolution of tools and frameworks Create client-ready documents and presentations Perform knowledge transfer across the Cyber Security Team globally Lead on cyber security pre-breach engagements, which include: Information security controls assessments Risk assessments Vulnerability assessments Regulatory and compliance assessments Develop and deliver security awareness training Contribute to marketing and business development efforts Document and maintain incident response policies and procedures Participate in an on-call rotation to provide 24X7X365 client incident coverage The role will be based in their New York City office. SKILLS, QUALIFICATIONS, & EXPERIENCE The qualifications and experience to perform this role successfully are: Bachelor’s degree in Computer Science (with a focus in security) preferred but not necessary 2-3 years of direct experience in incident response, digital forensics, malware analysis and/or security operations (SOC) 2-3 years of consulting experience or 4-5 years of experience working in a technical infrastructure role Advanced working knowledge of endpoint, memory and network forensics tools (such as FTK, Encase, Volatility, SIFT, Wireshark) Able to perform malware analysis (static and dynamic) Knowledge of at least one scripting language (like Python, Ruby, PHP or Powershell) that can be utilized to automate tasks is highly desirable Excellent writing and presentation skills with the ability to convey complex technical information clearly and concisely and tailored to any audience, including C-suite Network administration understanding to include configuration of firewalls, switches and routers is preferred Sound knowledge of security tools such as SIEM, firewalls, IDS/IPS, proxies, AV is preferred Certifications such as CREST, GNFA, GCFA, GCFE, GCIA, GCIH, GREM, CCIM, EnCE, EnCEP, ACE are highly desirable. The individual will need to have the following key personal skills and attributes to perform successfully in this role: First and foremost, must be a good team player Passionate interest in information security and dedication to continued professional development Ability to work with little oversight in a rapidly changing, unstructured environment in a small team Strong analytical and problem-solving skills Ability to thrive under pressure and work to tight deadlines Excellent verbal and written communication skills Ability to respond to incidents during non-business hours Ability to travel, including internationally Ability to work innovatively, without compromising on quality. The successful candidate must have permission to work in the United States by the start of their employment.

Company background Our client is a respected security advisory firm with a vision to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Their team is comprised of recognized experts and incident responders with deep technical expertise and experience in investigations, data breach response, digital forensics and information security. With a highly-successful track record of delivering mission critical cybersecurity solutions, they are experienced in working quickly to provide effective incident response, attack-readiness and remediation plans with a focus on providing long term support to improve their clients’ security posture.  The Director of Digital Forensics and Incident Response will play a significant role in helping the company with their rapid growth by hiring DFIR consultants at various levels across the US, client retention and relationship building, DFIR methodology development, scoping and leading engagements, mentoring project teams, and leading organic hyper-growth efforts at the strategic leadership level. Technical Skills: 10+ years of hands-on consulting experience in digital forensics, and incident response You are an Industry-recognized inspiring leader with media and public speaking experience, deeply embedded in information security community Experience with forensic processes and procedures (chain of custody, computer acquisition techniques, and memory acquisition techniques) Maintain hyper-current knowledge of extant vulnerabilities and threat landscape Experience using forensics tools such as EnCase, FTK, SleuthKit, Volatility, etc. Analysis experience and operational understanding of one or more major operating systems (Microsoft Windows, Linux, or Mac) Knowledge of common malware persistence mechanisms Experience identifying and triaging malware Experience leading technical breach response teams in fast-paced environments   Consulting Skills: Strategic mindset but also detail-oriented and hands-on ability to lead high-level discussion on DFIR technology strategy and approach both internally and externally Demonstrated self-starter with intellectual curiosity and ability to adapt to change Ability to work quickly, willingness to work on ad hoc assignments, work independently or leading teams as needed Strong written and verbal communication skills Ability to develop unique and creative solutions to problems on the fly Willingness to learn new technologies and techniques to solve complex customer issues Ability to manage clients, lead meetings, and manage multiple project teams concurrently Ability to quickly develop and maintain rapport with clients Demonstrated ability to cross-sell or upsell existing clients and generate new business Experience managing complex budgets Ability to allocate staff to various projects quickly and efficiently Willingness to travel as required (up to 20%) to support leadership, customer briefings, planning and other activity as needed Compensation for the DFIR Director includes: Competitive salary plus quarterly bonus opportunity Company Equity Approved Certification and Training Reimbursements Open Paid Time Off Policy Medical, Dental, and Vision Benefits 401K Employer Matching Flexible work schedule