Incident Response and Forensics Analsyt - Dell SecureWorks
Dell Financial Services L.P. - Remote

This job posting is no longer available on Dell Financial Services L.P.. Find similar jobs: Incident Response Forensic Analsyt jobs - Dell Financial Services jobs

Security Analyst – Incident Response & Handling

The candidate selected for this position will have at least 10 years of experience working on active incidents either as an employee of or a consultant for a large company. The work will be performed on site at the customer location in Thousand Oaks California.

Essential Duties and Responsibilities:
At least 10 years active experience as part of an incident response team working as an IR Handler (either in-house or as a consultant)

Act as a Subject Matter Expert (SME) for incident response and forensics

Manage and perform incident response activities including:
Searching device and server logs.

Locating malware on a computer

Identifying the attack vector

Remediating infected computer(s)

Building a timeline showing how the incident unfolded.

File carving

Briefing customer on extent of incident and response strategy

Perform storage forensics (for example, hard drives, phones, USB storage)

Utilize Company-owned forensic tools (Encase, FTK, Helix, Wireshark, etc.) in the course of investigations

Utilize other Incident response tools such as Nmap, Wireshark and Snort,

Perform network storage forensics (for example, capturing network traffic for analysis)

Perform file-system analysis and file carving (for example, to extract email, documents, and other trace evidence)

Establish timelines and patterns of activity of individuals and electronic devices and software

Follow forensically sound practices, including preserving chain of custody

Consult with Company legal team on privacy, policy and compliance concerns

Develop companywide remediation plan of actions as a result of investigative discovery within

Company business and IT infrastructure

Adequately communicate with all key stakeholders to ensure both confidentiality of information and expedient evidence collection

Qualifications

Required Knowledge, Skills and Abilities

Experience managing large and small scale incidents

Experience leading digital forensic investigations

Working knowledge of forensic tools such as Encase, FTK, Helix, Knoppix, Slax, Sleuthkit, SIFT, BlackLight and/or MacForensicsLab

Familiarity with the following technologies: Active Directory, Virtualization platforms, Microsoft Windows, Unix, Linux, Mac OS X, LDAP, Active Directory, 802.11 wireless, firewalls, routers, network protocols and architecture, databases, VPN/RAS, IDS/IPS

Understanding of risk-based frameworks

Understanding of one or more frameworks: PCI-DSS, Sarbanes Oxley, NERC-CIP, HIPAA, FISMA, ISO, COBIT, NIST

Broad information security knowledge and experience

Very good understanding of MS Windows architecture and design

Strong understanding of networking protocols such as RIP, EIGRP, OSPF, network tools such as Wireshark and Nmap and networking principles such as subnet masks, CIDR and spanning-tree protocol

CISSP credential

Preferred Knowledge and skills

Bachelor’s degree in Computer Science or related field

GIAC Certified Incident Handler (GCIH)

GIAC Certified Intrusion Analyst (GCIA)

Microsoft MCSE certification.

Social Skills

Good interpersonal communication skills.

Strong writing skills

Some management experience as a team lead is helpful. Candidate may be required to oversee other security staff

"CBAM1"

"MOAM1"

"DCAM1"

TSF/18EK

Dell is an Equal Opportunity Employer.

To learn more about our commitment to Diversity & Inclusion, visit:

Equal Employment Opportunity Policy Statement

Life at Dell

Learn about Dell culture, the interviewing process and benefits offered in your location:

Life at Dell

Dell Financial Services L.P. - 2 years ago - save job - copy to clipboard
About this company
1,482 reviews
Since 1985, Dell has played a critical role in enabling more affordable and accessible technology around the world. As an end-to-end...