Trend Micro: Securing Your Connected World
Trend Micro, the world's largest independent security software company, strives to make the world a safer place by protecting digital information. Our solutions for consumers, businesses and governments provide layered security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative technology that is simple to deploy and manage, and security that fits an evolving ecosystem. Our solutions are supported by over 5000 employees in over 50 countries and powered by the world's most advanced cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™.
The Incident Response Consultant supports Trend Micro efforts to provide incident response and analytic capabilities to technical support cases submitted to Trend Micro, as well as to the Managed Detection and Response Operations. The Incident Response Consultant has vast technical knowledge of Trend Micro products and technology, is well versed in performing incident response and network monitoring, and has performed related malware analysis. The Incident Response Consultant should be a strong leader with the ability to perform multiple types of analysis roles independently or in cooperation with a Security Operations Center, including providing mitigation recommendations. The Incident Response Consultant will also be responsible for leading and working on projects that will support tactical and strategic business objectives.
Duties & Responsibilities
* Drive threat incidents to resolution by performing host and network level analysis to support on-going investigations through incident response with the use of Trend Micro Products and Technology.
* Serve as a contact point for suspicious and malicious events escalated by technical support cases, as well as from the Managed Detection and Response Operations.
* Review and analyze technical components of malware and other related threat activities while developing and refining detection criteria.
* Review security events and data sources to develop and refine detection criteria, as well as generate threat intelligence.
* Drive threat research initiatives to further incident response capabilities by contributing to incident response program development and special projects.
* When needed, play a key technology advisor role across teams/groups and lead projects requested by leadership.
* Work with teams/groups, as well as fellow team members, to come up with remediation plans for customers.
* Effectively communicate technical findings by speaking directly to customers, mentoring less experienced staff, or presenting at conferences.
* Build scripts and tools, or develop methodologies for automation, using a scripting language of choice, and be comfortable interfacing with APIs.
* Must be willing and able to travel, when necessary.
* Occasional evenings and weekends may be required.
* Must be able to work 'on call' for incident response.
* Multiple years of experience in a full-time security position using Trend Micro products, preferably working in technical support, incident response or threat remediation.
* At least 7 years installing/configuring/managing and troubleshooting multiple Trend Micro products deployed on server/desktop (such as OfficeScan, ServerProtect, Deep Security), network (such as Deep Discovery Inspector, TippingPoint) or email/web gateways (such as InterScan Messaging Security, InterScan Web Security, ScanMail, Hosted Email Security).
* Familiarity with Trend Micro products and technology, such as scan engine (VSAPI/ATSE), Behavioral Monitoring, Web/Email Reputation, the Connected Threat Defense strategy, etc.
* Expert use of Trend Micro tools, products or technology to manage incidents and perform incident investigations
* Expert or administrator level knowledge of Windows, Mac, or Linux systems
* Experience with log analysis, event correlation and incident management procedures and systems, as well as knowledge of host and network log sources and how to apply them in investigation and incident response methodology
* Previous experience with malware, digital forensics techniques and various commercial and open source tools is a plus, such as (but not limited to) memory (winpmem) and disk (dd, dcfldd) dumpers, FTK Imager, SIFT Workstation, Volatility Framework, Wireshark, Bro/SiLK, NetFlow
* At least a bachelor's degree in a related field, or 7 years of relevant experience.
* Aptitude for learning, self-direction, and the ability to work in a fast-paced operations environment
* Strong abilities to communicate through oral and written methods to internal and external stakeholders
* Strong abilities to interface between multiple departments, with strong customer service skills
* Must be willing to travel as required to respond to an incident (less than 10% travel)
* Must be available to work on-call or off hours as needed to respond to an incident
Trend Micro provides equal employment opportunity for all applicants and employees. Trend Micro does not unlawfully discriminate on the basis of race, color, religion, sex, pregnancy and childbirth or related medical conditions, national origin, ancestry, age, physical or mental disability, medical condition, family care leave status, veteran status, marital status, sexual orientation, or gender identity.
About Trend Micro
Trend Micro is a developer of server security, cloud security, and small business content security solutions.