Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

Dell Senior Advisor Incident Response Consultant 
United States, California 
228754785

27.06.2024

This position requires up to 20% travel.

On call is required once every eight weeks.

About Secureworks

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

Role Responsibilities

  • Serve as a trusted advisor to assist customers through a cyber incident or data breach ensuring customer satisfaction.
  • Serve as subject matter expert in digital forensics and incident response (DFIR).
  • Perform complex incident response investigative analysis and develop assessments based on the analysis of host, network, and cloud digital artifacts.
  • Document analysis findings and develop recommendations to present both orally and in written reports to customers.
  • Conduct assessments of client readiness to respond to incidents, including designing and delivering incident response exercises to test client incident response plans.
  • Develop detailed playbooks based on client needs.
  • Design and deliver incident response exercises to test client incident response plans.
  • Manage urgent and critical interactions with customers.
  • Maintain professional, calming, and authoritative presence during a crisis.
  • Participate in a 24x7 on-call rotation for supporting requests from global incident response customers.
  • Travel as needed to assist customers with on-site incident response efforts.

Required Skills

  • Minimum of 5 years of advanced security, digital and network forensics experience
  • Minimum of 3 years of experience with one or more of the following tools: Encase, FTK, X-Ways, F-Response, Volatility, Open-Source Forensics Tools
  • Bachelor's degree in computer science, information systems, information assurance, or equivalent work experience
  • Minimum of one or more of the following certifications: GREM, GCFA, GCFE, CISA or CISSPGCIH, GCFE, GCFA, GREM or similar certifications
  • Strong communication skills (oral and written)
  • Experience briefing senior-level leadership and conveying technical information to audiences of varying backgrounds and skill levels.
  • Ability to prioritize urgent tasks and work multiple consulting engagements concurrently.
  • Desire to work with customers to solve complex cybersecurity issues, including during crisis situations.

Theoretical and practical knowledge in the following areas:

  • Windows and Linux operating systems
  • AWS, Azure (including Microsoft 365), and GCP
  • Exploits, vulnerabilities, intrusion vectors, and malware
  • Tactics, techniques, and procedures (TTPs) commonly employed by threat actors
  • Host forensics, network forensics, and malware analysis techniques
  • Network traffic analysis, endpoint activity analysis, and log analysis techniques
  • Enterprise cyber incident management and response processes
  • Enterprise cybersecurity controls and failure modes
  • Modern Enterprise Detection and Response (EDR) tools.