Cybereason: Incident Response Consultant
200 Clarendon Street, Floor 18
Boston, MA 02116

Cybereason gives organizations the upper hand by taking an entirely new approach to cybersecurity with AI Hunting, the first AI-powered technology that answers the question "Am I under attack?" proactively, without manual effort.

We are a company that wins as one. We are daring, always evolving, and never give up. Most importantly, we accept our employees for who they are and embrace people who may not fit the typical mold #UBU.

Cybereason's Strategic Services team operates as the highest escalation tier in the Cybereason services organization. This team provides high-touch consultancy engagements for Cybereason customers in need. The team works with various parts of the company, including the product engineering, SOC, threat research and marketing teams.

The Strategic Services team is a global team, bringing together professionals from different regions of the world. It is an interdisciplinary team whose members enrich each other's work with their respective experience, skills and perspectives.

IR Consultant responsibilities consist of the following:

  • Perform emergency response and proactive services such as Compromise Assessment, Security Practice and Plan Assessment, and Incident Response
    • Conduct malware analysis and identification of Indicators of Compromise (IOCs) to evaluate incident scope and associated impact.
    • Identify attribution and the potential threat and impact to Cybereason customers through the following cybersecurity method: preparation for malicious actions, identification of malicious actions, containment of a security incident, eradication of the malicious software, and system recovery.
    • Enhance workflow and processes driving incident response and mitigation efforts.
    • Execute the Incident Response Lifecycle to drive threat remediation and identify strategic countermeasures improving future defenses.
  • Improve and maintain the Incident Response infrastructure and tools.
  • Work closely with the threat research team and the SOC to maintain the latest intelligence and techniques in the wild.

What We're Looking For:

  • A minimum of 5 years' experience in host- and network-based forensics (open source tools, EDR, Network Security Monitoring (NSM) / traffic and log analysis)
  • Experience with log parsing and data analytics platforms (e.g. Splunk or similar)
  • Strong knowledge and understanding of Windows and Linux operating systems.
  • Good general knowledge of common enterprise technology such as Active Directory, Web Applications, Databases, and Systems Management.
  • Applied practical knowledge of any scripting languages (Python, Bash, PowerShell, JavaScript, VBScript, etc.).
  • Experience with hands-on penetration testing against Windows, Unix, or web application targets
  • Superb oral and written communication skills - emphasis on technical writing.

Advantage skills

Candidates with at least one of the following skills are likely to have an advantage:

  • Experience working with EDR or other behavioral-based detection platforms.
  • Experience in reverse engineering malware (static + dynamic)
  • GCFA, GREM, GNFA, GCTI, GCIA, GCIH or other relevant certifications aligned with Qualifications above.

Full-time

Employee Testimonials

Katherine Moan
Director of Finance

"Our roles and skills are constantly evolving. This core value encourages us to foster collaboration in real time with people all over the world, in order to come up with well rounded ideas that are actionable and provide real results that push us forward as a company."

Jordan Bowen
Customer Success Manager

"Cybereason is an awesome place to grow your career! It's a company full of opportunity and great people you can learn a lot from. If you're eager to continuously challenge and develop yourself, you'll fit right in."

Zach Lakovics
Channels Director

"As a field sales professional it can feel as if you are on an island and no matter how hard you scream and shout, you are never heard. At Cybereason, that is never the case. We act as one and we have access to all the right people and resources when we need it."

Ankur Chaturvedi
Senior Customer Success Manager

"As a CSM at Cybereason, having direct access and exposure to high level execs, not just at Cybereason, but with my clients is a differentiator. Previously working in sales, I would have to claw my way up the chain to get there, but as a CSM at Cybereason it's not just a recommendation, but an expectation that I'm communicating with them regularly."