Cyberark Incident Response Senior Consultant 

Mexico, Sinaloa, Culiacán 

897638648

Responsibilities:

• Investigate and analyze incidents with EDR systems to respond to ongoing security incidents in real-time.
• Develop Incident Response initiatives that improve our ability to respond and remediate security incidents effectively.
• Tracing malware activity and patterns and understanding how to remove malware non-destructively.
• Recognize attacker Tools, Tactics, and Procedures (TTP) and Indicators of Compromise (IOC) and apply to future incident response events.
• Analyze binary files to determine the legitimacy and extract IOCs when possible
• Conducting forensic examinations on physical devices and performing analyses on live and collected memory.
• Create and refine detection and incident response playbooks.
• Collaborate with internal and customer teams to investigate and contain incidents.
• Produce high-quality written reports, presentations, and recommendations, to key stakeholders including customer leadership, and legal counsel.
• Establishing a collaborative environment for sharing data on machine timelines and suspicious events.
• Create operational metrics, key performance indicators (KPIs), and service level objectives to measure team competence.

• 4+ years’ experience working with incident investigations and containment procedures
• 4+ years’ experience with network, disk, memory, and cloud forensics
• Minimum 1 year of experience leading Incident Response investigations and performing the following: network/log forensics, malware analysis, disk forensics, and memory forensics.
• Excellent time and project management skills with strong written and verbal communication abilities, capable of creating clear documentation and conveying complex technical concepts concisely.
• Skilled in building and maintaining effective relationships with customers, managing expectations, and ensuring seamless collaboration to achieve shared objectives
• Experienced deploying software within customer environments using tools such as Intune, SCCM, GPO, AWS System Manager, Azure Automation, Ansible, Puppet, JAMF, and scripts.
• Experienced with the following:
  • EDRs such as CrowdStrike Falcon, SentinelOne, MDE
  • Leading projects and debriefing customers
  • Creating and modification of scripts
  • Enterprise security architecture and security controls.
  • Cloud incidents and forensic responses.
  • Malware triage analysis and disk or memory forensics for Windows, macOS, or Linux
  • Software deployment tools such as Intune, Jamf, Ansible, Puppet, SCCM, CPO, and AWS System Manager.
• Preferred experience:
  • Collection tools such as Splunk, Kibana, or ELK Stack
  • Familiarity with collection tools like Splunk, Kibana, or the ELK Stack.
• Preferred certifications: GCIH, GX-FA, GNFA, GREM, GCIA, CREST CPIA, CREST CFIA, CFCE, CEH, etc.

The salary range for this position is $200,000 – $275,000/year, plus commissions or discretionary bonus, which will be based on the employee’s performance. Base pay may also vary considerably depending on job-related knowledge, skills, and experience. The compensation package includes a wide range of medical, dental, vision, financial, and other benefits.