Incident Response Analyst - Rockville, MD
Rockville, MD

Job Description

Responsibilities

* Responsible for all daily incident management of customer incidents
* Ability manage complicated incidents which span the globe
* Ability to utilize Check Point products in incident investigations
* Build incident playbooks for events and provide responses
* Creation of detailed incident report generation for customer events
* Perform incident response and forensic analysis of compromised systems, identify and provide recommendations for remediation of DDoS events and the ability to reverse engineer malware.
* Formulate and direct incident response efforts, prioritize those response efforts, and create legible incident reports that describe the compromise vector, attacker methodologies, and artifacts of data exfiltration.
* Perform forensic analysis of Windows and Unix systems to identify compromise artifacts.
* Build sandbox/test lab environments to evaluate malicious code
* Work within a team environment and will be responsible for coordinating work actions with that team.

Desired Background

* 2-5 years of experience performing incident response with an emphasis on system compromise analysis
* 1-2 years of experience performing security reviews/vulnerability risk assessments of network environments using both manual procedures and automated analysis tools.
* 1-2 years of experience of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.
* 1-2 years of experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns
* 1-2 years of endpoint or network forensics
* Ability to participate in on-call rotation
* Domestic and International travel may be required

EOE M/F/Veterans/Disabled