Senior Incident Response Lead
SF Bay Area (East Bay) or Albuquerque, New Mexico
Full Time Employment
Our client is building an incident response team whose mandate is to detect, prevent and respond to threats to the company’s computer systems. This is a world-class team that is fast-paced, exciting and creative. If working in National Security, working with the best tools in information security, working with the highest-level, most motivated team in the industry, having a work-life balance, and doing things a typical corporate security team cannot do interests you, read on.
The Senior Incident Response Lead will direct an agile group of host forensics and incident response personnel. You will work with enterprise forensic-capable systems, log analysis systems, and network collection systems to respond to incidents at a global scale. You will work with industry-respected malware and network analysts to coordinate a best-in-class response to computer-related incidents.
Strong analytical, documentation, and communication skills
Familiarity with Windows, Apple, and Linux-based operating systems (e.g. XP, Windows 7, 2003, 2008, OS X).
5+ years of experience in information security
2+ years of experience working on a computer security incident response team
Intermediate skills in malware analysis for Windows-based malware.
In-depth knowledge of live forensics with enterprise forensics tools
Analytical understanding of the Windows registry, NTFS, malicious documents (Office and PDF), memory, Prefetch and Windows event logs
Working knowledge of TCP/IP, DNS, HTTP, SMTP and SNMP.
Strong understanding of network traffic analysis
Experienced with and proficient in similar forensics software
Understanding of standard forensic methodology
Experience leading agile IR teams
Accredited degree in computer science or information technology or equivalent years of experience
Experience with version control software a plus.
Experience with enterprise information security data management tools
Hold or have received a forensics or incident response certification (e.g. EnCE, GCFA, GREM, or GCIA)
Have taught or informally trained others on the subject of incident response or forensics analysis.
Knowledge of two or more of the following languages (Perl, Python, C, C++, C#, Objective C, Ruby, Lisp, Scheme, IA-32/IA-32e assembly, ARM, Power PC, MIPS, SPARC, Shell, SQL, HTML, CSS, XSLT, XML, Java, or EnScript).
Programming skills in Python or another language for tool development
Data, big data, and AI experience would be great but is not necessary
Contact Steven Cass email@example.com
650-638-9633 x 301 www.addastaff.com