Job Description
Job ID R1900509 Date posted Jan. 30, 2019
As a Sr. Incident Response Analyst, you are responsible for:
* Providing subject matter expertise on incident response and forensic analysis.
* Implementing processes, capabilities, and techniques for incident response and forensic analysis.
* Responding to security incidents escalated from other teams.
* Performing triage and analysis on workstations, servers, mobile devices, cloud platforms, and network infrastructure.
* Identifying malware using memory analysis, live forensics, and hard drive forensics.
* Performing malware analysis through peer collaboration, sandboxed analysis, and reverse engineering.
* Identifying key Indicators of Compromise (IOCs) from new or unknown malware and developing rules and signatures for detection.
* Contributing to active threat hunting programs and security monitoring use cases.
* Contributing to the strategic direction for incident response and forensic analysis capabilities at VMware.
* Identifying and documenting lessons learned from incidents, participating in remediation requirements definition.
* Maintaining current knowledge and understanding of the threat landscape and emerging security threats and vulnerabilities.
* Maintaining a high level of confidentiality.
Required skills and experience:
* Over 8 years of experience in Incident Response, forensic analysis, and malware research.
* Strong understanding of threat analysis and incident response practices and methodologies.
* Experience with YARA rule and OpenIOC signature creation.
* Experience with cloud computing and security issues related to cloud environments.
* Experience with incident response and forensic analysis on cloud platforms (Amazon Web Services, Microsoft Azure, Google Cloud Platform).
* Authoritative technical knowledge of Internet security and networking protocols.
* Strong knowledge of Windows, Linux, and OSX operating systems.
* Scripting skills such as Python, Perl, Shell, Bash.
* Strong analytical skills and ability to identify advanced threats.
* Ability to communicate effectively at all levels of an organization, across diverse cultural and linguistic barriers, and among a geographically distributed team.
* Ability to collaborate effectively as part of a team and work independently with minimal supervision.
* Ability to quickly adapt as the external environment and organization evolves.
* Ability to rapidly adjust to new challenges and changes in priority.
* Self-motivated, collaborative, and detail oriented.
* Positive and constructive attitude.
* Ability to prioritize projects and operational workload.
* Excellent written and verbal communications.
* Availability outside working hours for high priority events.
* Some travel required.
Desired skills/experience/certification:
* Bachelor's degree or equivalent experience, Master's degree desirable.
* Security certifications such as GCIH, GCFE, GCFA, GREM, GNFA, GASF, CISSP.