Senior Incident Response Lead

Pleasanton, CA
Job Title:  Senior Incident Response Lead
Location: SF Bay Area (East Bay) or Albuquerque, New Mexico 
Type: Full Time Employment
Our client is building an incident response team whose mandate is to detect, prevent and respond to threats to the company’s computer systems. This is a world-class team that is fast-paced, exciting and creative. If working in national security, working with the best tools in information security, working with the highest-level, most motivated team in the industry, having a work-life balance, and doing things a typical corporate security team cannot do is interesting to you, read on.
The Senior Incident Response Lead will direct an agile group of host forensics and incident response personnel. You will work with enterprise forensic-capable systems, log analysis systems, and network collection systems to respond to incidents at a global scale. You will also work with industry-respected malware and network analysts to coordinate a best-in-class response to computer-related incidents.
Required Skills:
Strong analytical, documentation, and communication skills
Familiarity with Windows, Apple, and Linux-based operating systems (e.g. XP, Windows 7, 2003, 2008, OS X)
5+ years of experience in information security
2+ years of experience working on a computer security incident response team
Intermediate skills in malware analysis for Windows-based malware
In-depth knowledge of live forensics with enterprise forensics tools
Analytical understanding of the Windows registry, NTFS, malicious documents (Office and PDF), memory, Prefetch and Windows event logs
Working knowledge of TCP/IP, DNS, HTTP, SMTP and SNMP
Strong understanding of network traffic analysis
Experience with and proficiency in similar forensics software
Understanding of standard forensic methodology
Experience leading agile IR teams
Desired Skills:
Accredited degree in computer science or information technology or equivalent years of experience
Experience with version control software is a plus
Experience with enterprise information security data management tools
Maintain or have received a forensics or incident response certification (e.g. EnCE, GCFA, GREM, or GCIA)
Taught or informally trained on the subject of incident response or forensics analysis
Knowledge of two or more of the following languages (Perl, Python, C, C++, C#, Objective-C, Ruby, Lisp, Scheme, IA-32/IA-32e assembly, ARM, PowerPC, MIPS, SPARC, Shell, SQL, HTML, CSS, XSLT, XML, Java, or EnScript)
Programming skills in Python or another language for tool development
Data, big data, and AI experience would be great but is not necessary
Contact Steven Cass scass@addastaff.com 650-638-9633 x 301  www.addastaff.com