Senior Incident Response Consultant

Posted 03 May 2022
Salary 120000-130000
Location Tysons Corner
Job type Permanent
Discipline Cyber Security
Reference 53057
Contact Name Matthew Chipchase
Remote working Remote

Job description

 

Senior Incident Response Consultant
Remote; United States
up to $130,000 + bonus + annual training allowance + benefits


Stott and May are looking for an experienced Senior Consultant for Incident Response to join a collaborative and skilled team based in the US. The full-time role is fully remote, focusing on supporting the IR lifecycle and providing indicators to the SOC that will assist in enhanced detection capabilities of network, log, and host data.

As a member of the Incident Response team, you will be responsible for not only leading technical analysis, but also for communicating effectively and providing off-hours support as needed.

Some of your primary responsibilities as an Incident Response Consultant will include:

  • Conducting forensic host, network, and application technical investigations
  • Triaging active high-stakes security events, including reviewing and applying security controls to detect, respond, prevent and remediate threats
  • Recognizing and codifying attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
  • Developing custom scripts, tools, or methodologies to enhance incident response processes for a wide range of systems and technologies

The Senior Consultant will need the technical chops to analyze intrusions, detect incidents, and assist in responding to our clients. You must have 4+ years of experience in a forensic and incident response role and experience using analytical skills in a cybersecurity environment to triage and detect events that transpired and deal with ransomware forensic investigations. We are also looking for the following:

  • Qualified as a GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), MCFE, EnCE or equivalent
  • Hands-on working knowledge of Windows OS and networking protocols, Windows disk and memory forensics, Unix OS and networking protocols, network traffic analysis, and scripting and/or programming
  • Experience with commercial EDR (SentinelOne, Blackberry PROTECT, CarbonBlack, CrowdStrike) and Forensic tool suites (FTK, AXIOM, EnCase)
  • Working knowledge of reverse engineering and malware analysis

In return for your expertise, inclusive approach, and commitment, our client will provide an excellent salary, career progression, and the chance to join a passionate and welcoming team.

Please reach out to the Stott and May team today to apply and register your interest. We look forward to hearing from you!