This position requires up to 20% travel.
On call is required once every eight weeks.
About Secureworks
Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.
Role Responsibilities
- Serve as a trusted advisor to assist customers through a cyber incident or data breach ensuring customer satisfaction.
- Serve as subject matter expert in digital forensics and incident response (DFIR).
- Perform complex incident response investigative analysis and develop assessments based on the analysis of host, network, and cloud digital artifacts.
- Document analysis findings and develop recommendations to present both orally and in written reports to customers.
- Conduct assessments of client readiness to respond to incidents, including designing and delivering incident response exercises to test client incident response plans.
- Develop detailed playbooks based on client needs.
- Design and deliver incident response exercises to test client incident response plans.
- Manage urgent and critical interactions with customers.
- Maintain professional, calming, and authoritative presence during a crisis.
- Participate in a 24x7 on-call rotation for supporting requests from global incident response customers.
- Travel as needed to assist customers with on-site incident response efforts.
Required Skills
- Minimum of 5 years of advanced security, digital and network forensics experience
- Minimum of 3 years of experience with one or more of the following tools: Encase, FTK, X-Ways, F-Response, Volatility, Open-Source Forensics Tools
- Bachelor's degree in computer science, information systems, information assurance, or equivalent work experience
- One or more of the following certifications: GREM, GCFA, GCFE, GCIH, CISA, CISSP, or similar certifications
- Strong communication skills (oral and written)
- Experience briefing senior-level leadership and conveying technical information to audiences of varying backgrounds and skill levels.
- Ability to prioritize urgent tasks and work multiple consulting engagements concurrently.
- Desire to work with customers to solve complex cybersecurity issues, including during crisis situations.
Theoretical and practical knowledge in the following areas:
- Windows and Linux operating systems
- AWS, Azure (including Microsoft 365), and GCP
- Exploits, vulnerabilities, intrusion vectors, and malware
- Tactics, techniques, and procedures (TTPs) commonly employed by threat actors
- Host forensics, network forensics, and malware analysis techniques
- Network traffic analysis, endpoint activity analysis, and log analysis techniques
- Enterprise cyber incident management and response processes
- Enterprise cybersecurity controls and failure modes
- Modern Endpoint Detection and Response (EDR) tools