Data Forensics and Incident Response Consultant
Dallas, TX

About

Job Description

Worker Sub-Type: Regular

THE POSITION

Cylance is seeking an experienced Cybersecurity Incident Response professional to join our expanding Incident Response practice. As part of the growing Consulting Services team, this position will have oversight and responsibility over assigned Incident Response engagements, Incident Response training programs, innovation of internal Cylance tools, and growing the IR practice overall.

WHO WE ARE LOOKING FOR

* Experience performing Digital Forensics and Incident Response (DFIR) investigations on multiple operating systems: Windows, Mac and Linux
* Tool agnostic with an emphasis on knowing the forensic artifacts themselves versus relying on tool output
* Knowledge of and the ability to use popular EDR technologies during DFIR engagements
* Experience analyzing a myriad of system and network logs using Splunk and/or ELK
* Knowledge of threat hunting and knowledge of the artifacts necessary to review while threat hunting
* Ability to analyze PCAP data
* Ability to triage and analyze malware dynamically within a virtual environment to quickly gain a set of IOCs during an IR engagement
* Knowledge of System Administrator roles and responsibilities with an understanding of Windows Domain environments
* Ability to be client facing by interacting with our clients and their executive leadership
* Creative problem-solving abilities and an analytic and qualitative eye for reasoning
* Self-starter with a knack for taking initiative and "getting things done"
* Must have a passion for your work and an ability to apply that passion to both daily tasks and larger projects
* Ability to work with a remote team via collaboration tools (Chat, Email, and Video Conferences)
* Strong documentation skills, ability to write executive and technical DFIR reports, as well as operational playbooks and procedures
* Ability to prioritize and complete multiple tasks with little to no supervision
* Intellectual curiosity, humility, accountability and positive approach
* Ability to work independently with substantial latitude for action and decision while maintaining focus on achieving optimal outcomes as part of a collaborative development effort
* Able to be on client site in Plano, TX Monday - Friday. (Relocation assistance available)

ABOVE AND BEYOND

* 5+ years of DFIR experience
* Proficient in a scripting or programming language. Bonus points if you have a GitHub page.
* Experience creating dashboards and creating data visualizations in Splunk, ELK, or other tools
* Experience using and tuning Intrusion Detection Systems to create high fidelity alerting
* Knowledge of performing DFIR investigations in Cloud environments (Azure, O365, AWS, and Google)
* When a technology and/or process doesn't exist to do something you want, you are the kind of person who takes initiative and builds the technology or process

WHAT WE NEED FROM YOU TO APPLY

* Current resume
* Cover letter/summary expressing:
  * Why you are interested in working at Cylance
  * The skills, strengths and expertise you will contribute to our diverse team of extraordinary talent and humble hearts



Job Family Group Name: Sales

Scheduled Weekly Hours: 40
