Senior Incident Response Analyst

Responsibilities

• Work under the direction of IR lead and outside counsel to conduct IR investigations
• Fulfill client requests and resolve incidents received via e-mail or internal ticketing systems in a timely and detail-oriented manner
• Manage all client interactions professionally with a strong emphasis on client satisfaction
• Analyse and assess security incidents and escalate to appropriate internal teams for additional assistance
• Triage and scope incidents for prospective clients to understand the DFIR objectives and magnitude of effort involved to satisfy objectives
• Provide strategic, relevant, and achievable recommendations to help advance the security posture of organisations during and after an incident
• Communicate effectively with clients (executives and IT) on the topics of incident type, remediation, forensics and analysis
• Perform host and network-based forensics across Windows, Mac, and Linux platforms as well as cloud environments
• Deliver high-quality written and verbal reports, recommendations, and findings to key stakeholders including clients and legal counsel
• Participate in, or work directly on additional projects, assignments, or initiatives as required
• Mentor and coach team members and work effectively as part of team unit
• Develop, evaluate and utilise novel methods to hunt for indicators of compromise and perform analysis across large sets of data
• Assist in the development of internal guidelines, playbooks and knowledge base
• Demonstrate industry thought leadership through blog posts and occasional public speaking events

Skills and Qualifications

• 3-5 years of professional experience (2 years directly related to IR or functional area) or equivalent combination of education and experience
• Bachelor's degree in digital forensics, cybersecurity, computer science, information systems or similar field
• Working as part of a team in a remote matrixed consulting environment
• Incident Response: conducting or managing IR investigations for organizations, responding to opportunistic and targeted threats such as
• BECs, FTFs, ransomware and APTs
• Digital Forensic Analysis: a background in using different forensic analysis tools in incident response investigations to determine the extent and scope of compromise and possessing creativity and logic in approaching complex forensic problems
• Incident Remediation: strong knowledge of opportunistic and targeted attacks and ability to generate customized strategic and tactical remediation plans for clients
• Network Forensic Analysis: strong knowledge of networking protocols, network analysis tools, and ability to perform analysis of associated network logs
• SOC and EDR: experience with EDR solutions and leveraging detections and analytics to mitigate threats appropriately
• Possessing an understanding of secure network architecture and a strong knowledge of networking fundamentals
• Cloud Incident Response: knowledge in AWS, Azure, GCP incident response strategies

Additional Requirements

• Excellent problem-solving skills with the ability to diagnose and troubleshoot technical issues
• Customer oriented with a strong interest in client satisfaction
• Ability to learn new technologies and concepts quickly, and comfortable using command-line interfaces
• Capable of leading teams of highly motivated analysts
• Communicate highly technical information to a non-technical audience
• Ability to handle and work with clients through high stress situations
• Proficiency in project management
• Foster a positive work environment and attitude
• Flexibility with your work schedule in times of urgent response needs
• Contribute to thought leadership within the DFIR industry

Bonus Skills

• GCIH, GCIA, GCFA, GCFE, ACE, EnCE, CFCE, CISSP, or similar

Compensation

Our compensation reflects the cost of labor across several US geographic markets. The US base salary for this position ranges from $122,000/year in our lowest geographic market up to $161,000/year in our highest geographic market. Consistent with applicable laws, an employee's pay within this range is based on a number of factors, which include but are not limited to relevant education, skills, job-related knowledge, qualifications, work experience, credentials, and/or geographic location. Your recruiter can share more on target salary for your location during the interview process. Coalition, Inc. reserves the right to modify this range as needed.

Perks

• 100% medical, dental and vision coverage
• Flexible PTO policy
• Annual home office stipend and WeWork access
• Mental & physical health wellness programs (One Medical, Headspace, Wellhub, and more)!
• Competitive compensation and opportunity for advancement