Dell Incident Response Consultant 

Australia, Canberra 

932773582

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

Role Overview

Additionally, the Incident Response Consultant may be required to deliver a range of proactive incident response services. These services include cyber threat hunting to help customers identify unknown compromise activity and gaps in their cybersecurity controls, as well as workshops, training courses, and exercises to help customers improve their incident response capabilities.

Role Responsibilities

• Serve as subject matter expert in digital forensics and incident response (DFIR)
• Perform complex incident response investigative analysis and develop assessments based on the analysis of host, network, and cloud digital artifacts
• Document analysis findings and develop recommendations to present both orally and in written reports to customers
• Develop tailored incident response remediation plans for major cyber incidents to direct customer containment and recovery efforts
• Manage urgent and critical interactions with customers
• Maintain professional, calming, and authoritative presence during a crisis
• Participate in a 24x7 on-call rotation for supporting requests from global incident response customers
• Travel as needed to assist customers with on-site incident response efforts

Requirements

• Minimum five (5) years of cybersecurity experience in complex operating environments
• Minimum three (3) years in a customer facing support role (Security Engineer, Client Services, Consulting, Professional Services)
• Minimum of two (2) years of host forensics, network forensics, and cloud forensics experience for threat hunting and incident response efforts
• GCIH, GCFE, GCFA, GREM or similar certifications
• Strong communication skills (oral and written)
• Experience briefing senior-level leadership and conveying technical information to audiences of varying backgrounds and skill levels
• Ability to prioritize urgent tasks and work multiple consulting engagements concurrently
• Desire to work with customers to solve complex cybersecurity issues, including during crisis situations
• Theoretical and practical knowledge in the following areas:
  • Windows and Linux operating systems
  • AWS, Azure (including Microsoft 365), and GCP
  • Exploits, vulnerabilities, intrusion vectors, and malware
  • Tactics, techniques, and procedures (TTPs) commonly employed by threat actors
  • Host forensics, network forensics, and malware analysis techniques
  • Network traffic analysis, endpoint activity analysis, and log analysis techniques
  • Enterprise cyber incident management and response processes
  • Enterprise cybersecurity controls and failure modes
  • Modern Enterprise Detection and Response (EDR) tools