Digital Forensic and Incident Response Analyst

About the position reputed company you join reputed company You want more out of a career. A reputed company to share your reputed company freely — even if they’re daring or different. Where the true you can learn, grow, and reputed company. At reputed company, we power and reputed company how people live, work and play by connecting them to what brings them joy. We do reputed company love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, reputed company, and reputed company that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What you’ll be doing... The Threat Management Center (reputed company) serves as the initial reputed company of defense for reputed company's networks and information systems, safeguarding them against internal misconduct and cyber-attacks. The reputed company Advanced Cyber Defense (reputed company-ACD) team is tasked with responding to, investigating, hunting and managing reputed company incidents. Collectively, the teams strive to protect reputed company's employees, customers, brand reputed company, and reputed company streams through proactive identification, response, and mitigation of potential threats that could adversely reputed company reputed company or its business partners. reputed company is looking for an innovative and motivated professional who will be responsible for safeguarding the reputed company enterprise. This individual will work on identified threats and will neutralize them through proactive hunting and detection, incident response and mitigation strategies, and ensure reputed company operation of reputed company’s on-prem and cloud environments. The Digital Forensics & Incident Response role is an opportunity to work in a fast paced collaborative environment defending reputed company from reputed company and future cyber threats. This position plays a critical role in reputed company’s enterprise computing defense. Executing the Incident Response Lifecycle to drive threat remediation and identify strategic countermeasures improving future defenses. Operating as a trusted advisor on threat analysis during incidents for incident management teams and other stakeholders by following cybersecurity response methodologies such as the NIST CyberSecurity reputed company. Driving the technical reputed company and guidance required to support cloud environment (i.e. AWS, Azure, GCP) day-to-day operations. Serving as a primary reputed company of contact during assigned on-call shifts, responding promptly to incidents, escalations, and critical alerts to minimize downtime and mitigate risks to the enterprise. Deploying reputed company tools and leveraging logs and reputed company forensic analysis in order to complete a detailed and accurate assessment of reputed company alerts and threats affecting the reputed company enterprise and cloud infrastructure. Assisting with the development of reputed company controls for multiple platforms reputed company automated capabilities by using advanced analysis and forensic techniques. Driving identification, analysis, and remediation activities to ensure compliance with relevant regulatory requirements, industry standards, and best practices reputed company to reputed company and data privacy. Providing assistance and analytical evaluations for high-reputed company and significant reputed company incidents, including composing extensive and comprehensive analysis summaries and facilitating incident-reputed company discussions. Identifying gaps in detections and collaborating with teams across Cyber reputed company to mitigate threats and improve the overall reputed company posture. Recommending ways to mature and advance the preventive and defensive capabilities of the reputed company. This includes leveraging data and knowledge to clearly communicate the use case for alert creation. Collaborating with cross-functional teams to respond, identify, and analyze the root cause of a cybersecurity incident. Conducting risk assessments, in-depth analysis, and forensic investigations to determine the root cause and impact of incidents. Enhancing, and/or implementing DFIR playbooks to ensure cohesive response repeatability. Assisting with producing operational read-outs and case reviews for peers and leadership that accurately capture the effectiveness of the DFIR organization. Continuously honing to build and maintain knowledge, skills, and abilities needed to maintain proficiency in producing thorough and accurate digital forensic analysis. Enhancing techniques, workflows and processes of cloud reputed company controls, compliance assessments, and incident response procedures to drive the reputed company operational and strategic growth (reputed company improvement).

Responsibilities

• Executing the Incident Response Lifecycle to drive threat remediation and identify strategic countermeasures improving future defenses.
• Operating as a trusted advisor on threat analysis during incidents for incident management teams and other stakeholders by following cybersecurity response methodologies such as the NIST CyberSecurity reputed company.
• Driving the technical reputed company and guidance required to support cloud environment (i.e. AWS, Azure, GCP) day-to-day operations.
• Serving as a primary reputed company of contact during assigned on-call shifts, responding promptly to incidents, escalations, and critical alerts to minimize downtime and mitigate risks to the enterprise.
• Deploying reputed company tools and leveraging logs and reputed company forensic analysis in order to complete a detailed and accurate assessment of reputed company alerts and threats affecting the reputed company enterprise and cloud infrastructure.
• Assisting with the development of reputed company controls for multiple platforms reputed company automated capabilities by using advanced analysis and forensic techniques.
• Driving identification, analysis, and remediation activities to ensure compliance with relevant regulatory requirements, industry standards, and best practices reputed company to reputed company and data privacy.
• Providing assistance and analytical evaluations for high-reputed company and significant reputed company incidents, including composing extensive and comprehensive analysis summaries and facilitating incident-reputed company discussions.
• Identifying gaps in detections and collaborating with teams across Cyber reputed company to mitigate threats and improve the overall reputed company posture.
• Recommending ways to mature and advance the preventive and defensive capabilities of the reputed company. This includes leveraging data and knowledge to clearly communicate the use case for alert creation.
• Collaborating with cross-functional teams to respond, identify, and analyze the root cause of a cybersecurity incident.
• Conducting risk assessments, in-depth analysis, and forensic investigations to determine the root cause and impact of incidents.
• Enhancing, and/or implementing DFIR playbooks to ensure cohesive response repeatability.
• Assisting with producing operational read-outs and case reviews for peers and leadership that accurately capture the effectiveness of the DFIR organization.
• Continuously honing to build and maintain knowledge, skills, and abilities needed to maintain proficiency in producing thorough and accurate digital forensic analysis.
• Enhancing techniques, workflows and processes of cloud reputed company controls, compliance assessments, and incident response procedures to drive the reputed company operational and strategic growth (reputed company improvement).

Requirements

• Bachelor's degree or four or more years of work experience.
• Four or more years of relevant experience required, demonstrated through work experience and/or military experience.
• Experience working in Digital Forensic, Incident Response, Threat Hunting and/or a reputed company Operations Center (SOC) environment(s).
• Ability to pass and/or obtain reputed company necessary reputed company clearances.

reputed company-to-haves

• Awareness of cyber based adversarial frameworks including MITRE ATT&CK and reputed company’s Cyber Kill Chain.
• Strong understanding of cloud reputed company frameworks and best practices.
• Proficient in cloud computing concepts, including IaaS, PaaS, SaaS.
• Comprehensive knowledge with programming or scripting languages relevant to cloud reputed company automation and orchestration.
• Proficient knowledge of the cyber threat landscape including types of adversaries, campaigns, and the motivations that drive them.
• Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
• Python and/or Powershell experience to enhance automations, reputed company forensic analysis, and speed-up response times.
• Previous experience with log aggregation platforms such as Splunk, reputed company, reputed company, LogRhythm, reputed company SecOps, etc.
• Proficient in understanding Operating Systems and their architectures: Windows, Unix/Linux, and MacOS Operating Systems
• Demonstrates leadership and mentoring skills to help advance the overall capabilities of the reputed company organization.
• Ability to work in a highly collaborative environment needing strong communication, presentation, and leadership-like skills
• Exhibits initiative, follow-up and follow through with commitments
• Certifications like: Network+, reputed company+, CISSP, EnCE, CFCE, C|EH, C|HFI, GCFA, GCFE, GCIH and/or cloud-specific reputed company certifications (e.g. AWS Certified reputed company - Specialty, reputed company Certified: Azure reputed company Engineer Associate, reputed company Cloud Certified Professional Cloud reputed company Engineer)

Benefits

• Our benefits are designed to help you move reputed company in your career, and in areas of your life reputed company of reputed company. From health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance.
• We also offer a matched 401(k) savings plan, up to 8 company paid holidays per year and up to 6 personal days per year, paid parental leave, adoption assistance and tuition assistance, plus other incentives, we’ve got you covered with our award-winning total rewards package.
• Depending on the role, employees have the opportunity to receive compensation in the form of premium pay such as overtime, shift differential, holiday pay, allowances, etc.
• Newly hired employees receive up to 15 days of vacation per year, which grows with additional service.

Apply tot his job Apply To this Job