Staff Incident Responder

Responsible for hunting detecting and responding to digital security threats. Demonstrates technical leadership abilities and strong comprehension of malware emerging threats and calculating risk.

• Specialize in network-centric analysis (NSM) host-centric analysis (live response digital forensics) malware analysis and log-centric analysis (SIEM)
• Curate signatures tune systems/tools develop scripts and correlation rules
• Uses a hypothesis-driven approach and behavioral analysis to uncover connections and correlations between potential cyber threats.
• Analyze host and network forensic artifacts and identify patterns and behaviors related to threat actors
• Mentor and train incident responder and incident responder specialists

• Detailed understanding of CND-based analytical models (Kill Chain ATT&CK Pyramid of Pain etc)
• Detailed understanding of APT Cyber Crime and other associated tactics
• Practical experience in host forensics and network analysis techniques and tools
• Practical experience with malware and reverse engineering
• Practical experience responding to threats in cloud platforms (AWS Azure Google etc)
• Practical experience writing behavioral and static detections
• Expertise in at least two areas of discipline (Host Network Email Cloud Identity Application Malware)
• Excellent verbal and written communication skills
• Excellent organizational and analytical skills
• Detail oriented with the ability to multi-task and prioritize efforts
• CISSP CISM or related SANs or Industry certifications
• Ability to collaborate in a team environment
• Foundational cyber skills: Networking (TCP/IP UDP Routing); Applications (HTTP SMTP DNS FTP SSH etc.); Encryption (DES AES RSA) and hashing algorithms (MD5 SHA-1 etc); System/Application vulnerabilities and exploitation; Operating systems (Windows *Nix and Mac) Cloud technology (SaaS IaaS PaaS) and malware or behaviors exploiting these systems