Cybereason gives organizations the upper hand by taking an entirely new approach to cybersecurity with AI Hunting, the first AI-powered technology that answers the question "Am I under attack?" proactively, without manual effort.
We are a company that wins as one. We are daring, always evolving, and never give up. Most importantly, we accept our employees for who they are and embrace people who may not fit the typical mold #UBU.
Cybereason's Strategic Services team operates as the highest escalation tier in the Cybereason services organization. This team provides high-touch consultancy engagements for Cybereason customers in need. The team works with various parts of the company, including the product engineering, SOC, threat research and marketing teams.
The Strategic Services team is a global team, bringing together professionals from different regions of the world. It is an interdisciplinary team whose members enrich each other's work with their respective experience, skills and perspective.
IR Consultant responsibilities consist of the following:
- Perform emergency response and proactive services such as Compromise Assessment, Security Practice and Plan Assessment, and Incident Response.
- Conduct malware analysis and identification of Indicators of Compromise (IOCs) to evaluate incident scope and associated impact.
- Identify attribution and potential threat and impact to Cybereason customers through the following cybersecurity method: preparation for malicious actions, identification of malicious actions, containment of a security incident, eradication of the malicious software, and system recovery.
- Enhance workflow and processes driving incident response and mitigation efforts.
- Execute the Incident Response Lifecycle to drive threat remediation and identify strategic countermeasures improving future defenses.
- Improve and maintain the Incident Response infrastructure and tools.
- Work closely with the threat research team and the SOC to maintain the latest intelligence and techniques in the wild.
What We're Looking For:
- A minimum of 5 years of experience in host- and network-based forensics (open source tools, EDR, Network Security Monitoring (NSM) / traffic and log analysis).
- Experience with log parsing and data analytics platforms (e.g. Splunk or similar)
- Strong knowledge and understanding of Windows and Linux operating systems.
- Good general knowledge of common enterprise technology such as Active Directory, Web Applications, Databases, and Systems Management.
- Applied practical knowledge of any scripting languages (Python, Bash, PowerShell, JavaScript/VBScript, etc.).
- Experience with hands-on penetration testing against Windows, Unix, or web application targets
- Superb oral and written communication skills - emphasis on technical writing.
Candidates with at least one of the following skills are likely to have an advantage:
- Experience working with EDR or other behavioral-based detection platforms.
- Experience in reverse engineering malware (static + dynamic).
- GCFA, GREM, GNFA, GCTI, GCIA, GCIH or other relevant certifications aligned with Qualifications above.