Incident Response/Forensics Engineer
- Design, build, run, and own infrastructure and automation to detect, contain, and eradicate security threats.
- Lead the Computer Incident Response Team (CIRT) in responding to active and time-sensitive threats including communications and coordination across different teams.
- Work closely with other members of the Information Security team to lead changes in the company's defense posture.
- Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques.
- Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTPs (Tactics, Techniques, and Procedures).
- Collect, analyze, assess, and disseminate information about cyber threats and potential attacks.
- Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools.
- Bachelor's degree in Computer Science or equivalent work experience.
- 7+ years of experience in information security.
- Advanced knowledge of TCP/IP Networking, and network services such as DNS, SMTP, DHCP, etc.
- In-depth understanding of authentication protocols, applied cryptography, key management, PKI and SSL/TLS.
- A holistic view of threat, vulnerability, and risk, as well as the relationships between them.
- Deep understanding of the internals and constructs of at least two major modern operating systems.
- Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA).
- Applied experience with application and business logic embedded in business systems.
- Knowledge of open security testing standards and projects, including OWASP.
- Proficiency with at least one interpreted programming language (Python, Ruby, etc.).
- Experience employing phishing and other social engineering tactics.
- Experience using multiple command and control channels, including DNS and HTTPS.
If this is an opportunity that you're interested in, please email your resume to: (see below)