Dell Incident Response Advisor 

Romania, Bucharest 

685861972

:

• Review security-related events and assess their risk and validity based on available telemetry from network, endpoint, and global threat intelligence information in order to provide clients with concise, detailed, and well-written incident reports, root causes identification, and remediation recommendations
• Provide customers with understandable context around their security environment and threats
• Interface with clients to address their issues, concerns, and questions, and drive to satisfactory closure any issues that impact the service and its value
• Work with client and internal SecureWorks incident response teams to resolve ongoing intrusions, malware outbreaks, and other security incidents
• Provide mentorship to SecureWorks team members and clients on security strategy, tactics, techniques, and procedures
• Use the SecureWorks platform to proactivity hunt for and investigate activity within the client environment
• Provide support for all other teams involved in the delivery of the service whenever they have questions or requests from clients about specific investigations/alerts/chat/tickets.
• Provide feedback on flows/processes/tools issues and reported them according to internal processes.

:

• Ability to write scripts to automate new and existing tasks
• Strong technical communication skills, both written and verbal
• Attention to detail and great organizational and time management skills
• Excellent problem-solving skills that would allow for the ability to diagnose and troubleshoot technical issues
• Client-focused with a passion for delivering service excellence
• Strong sense of urgency and ability to work under pressure
• Possess high standard of integrity and confidentiality

Education and Experience

• 3-5+ years of relevant experience or equivalent combination of education and work experience:
• Completion of a Bachelor’s degree or equivalent program in Computer Science, Network Security, Information Security or other applicable field and 3-5 years of work experience in the field

Good experience with and excellent understanding of:

• Security mechanism build within Operating systems
• Fundamental Internet protocols, services and technologies (e.g., HTTP/HTTPS, DNS, SMTP, SSH, LDAP, TCP/IP, UDP, ICMP, JSON, REST, etc.)
• Common security controls (e.g., firewalls, proxies, IDS/IPS, WAF, etc.)

Experience with and strong understanding of:

• Performing both endpoint and network-based investigations
• Reviewing logs to identify evidence of past intrusions
• Pivot off indicators within networks to identify the scope and breadth of attacks
• Malware and exploit kit functionality
• Operating system and application exploits
• Lateral movement, living-off-the-land, and persistence establishment mechanisms
• Detection of anomalous system activity