Job Summary
An information technology advisory firm has a current position open for a Remote Incident Response Analyst.
Core Responsibilities Include:
- Applying a variety of technical skills which include security event log analysis, endpoint forensic analysis, and vulnerability analysis
- Conducting host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
- Utilizing technology to conduct large-scale investigations and examine endpoint and network-based sources of evidence
Applicants must meet the following qualifications:
- 3+ years of experience in incident response, security operations, consulting or similar
- Experience with at least 3: Windows disk & memory forensics, Network Security Monitoring, network traffic analysis & log analysis, Unix or Linux disk & memory forensics, or static & dynamic malware analysis
- Thorough understanding of enterprise security controls in Active Directory/Windows environments
- Experience building scripts, tools, or methodologies to enhance investigation processes
- Ability to leverage knowledge and understanding in using vulnerability scanners, intrusion detection systems, firewalls, SIEM or other IS products