Dell SecureWorks is a market leading provider of world-class information security services with over 3,000 clients worldwide spanning North America, Latin America, Europe, the Middle East and the Pacific Rim. Organizations of all sizes, including more than ten percent of the Fortune 500, rely on Dell SecureWorks to protect their assets, improve compliance and reduce costs. The combination of strong client service, award-winning security technology and experienced security professionals makes Dell SecureWorks the premier provider of information security services for any organization. Positioned in the Leader’s Quadrant of Gartner’s Magic Quadrant for MSSPs, Dell SecureWorks has also won SC Magazine's "Best Managed Security Service" award for 2006, 2007, 2008 & 2009.
Dell SecureWorks provides incident response and digital forensics services as part of their consulting practice and looking for incident response and forensics analyst consultant.
Our team of experts covers a range of incident assignments, including:
We’re looking for someone with:
- Analyzing data breaches, determining the cause and extent of data loss, and advising on immediate, mid-term and long-term remediation;
- Briefing and/ or advising executive management on breach response and best practices;
- Handling complex computer forensics investigations and providing expert services in data leakage, employee malfeasance, and APT investigations;
- Providing focused e-discovery consulting, collection and processing;
- Providing breach plan after-action analysis
- Providing CIRT plan and program development and disclosure planning through tabletop and war gaming scenarios and compliance integration.
The right candidate will be obsessed with accuracy but still able to get relevant results to clients ahead of schedule; be able to triage multiple cases; function in a highly confidential environment; survive without an administrative assistant; and able to work in a team or on their own. While highly technical, the position also requires an understanding of what makes people tick. In particular, the right candidate will have the ability to rapidly shift gears between a techie and an investigative mindset, and have excellent research skills, being able to analyze and synthesize data from different sources.
- a love of all things tech
- in-depth incident response/ computer forensic experience
- an understanding of why firms and corporations hire consulting firms and who the competitors are in the field
- previous consulting exposure is required to understand the lifestyle
- the enthusiasm and sense of humor to be part of a rapidly growing team
- ability to travel up to 70% (not kidding)
- provide weekend and holiday coverage when on-call
The position requires remote lab work at our Atlanta and Dallas office, on-site investigations at clients’ premises throughout the US, and potential travel overseas. By the nature of incident response, the job can be 24/7 – though we provide a relaxed workplace environment.
1.1 At least 2 years’ active experience as part of an incident response team (either in-house or as a consultant) - for IR Handler
1.2 At least 5 years’ active experience as part of an incident response team (either in-house or as a consultant) and 2 years leading multiple investigations - for Senior IR Handler
2. Two or more of the following certifications (one certification from each group minimum):
3. Working knowledge of forensic tools such as Encase, FTK, Helix, Knoppix, Slax, Sleuthkit, SIFT, BlackLight and/or MacForensicsLab.
- Group 1: GIAC Certified Incident Handler (GCIH); GIAC Certified Intrusion Analyst (GCIA); GIAC Reverse Engineering Malware (GREM);
- Group 2: GIAC Certified Forensic Analyst (GCFA); GIAC Certified Forensic Examiner (GCFE); Encase Certified Examiner (EnCE); Certified Computer examine (CCE); AccessData Certified Examiner (ACE)
4. Experience with Unix, Linux, Mac, and Windows systems; a solid understanding of networking, firewalls, and the various protocols involved in data sharing and communications
5. Working knowledge of current data collection, storage, and chain of custody best practices
6. Excellent reporting skills (both written and verbal)
7. Strong PCI (Payment Card Industry) knowledge and experience
The following, while not required, would be strong bonuses:
1. Experience with Snort, Nmap, and/or Backtrack. Understanding the managed security services (MSS) and log retention services.
2. Ability to surreptitiously monitor a network and construct a honeypot
3. Working knowledge of cell phone/ PDA forensic tools (e.g. Paraben Device Seizure, Guidance Neutrino, BitPim, Cellebrite, AccessData Mobile Kit)
4. Experience testifying, preferably as an expert, in the area of digital investigations or info sec best practices
5. Experience presenting to potential clients or trade groups in the area of incident response or computer forensics
6. Knowledge of open-source analysis, collection, and file repair tools
7. Experience scripting (e.g. Perl, Python, Enscript, Bash, PowerShell, Ruby) and/ or coding
8. Experience with malware assembly / debugging / reversing
9. Experience working in a data-regulated industry (e.g. HIPAA, breach notification laws, PCI, SOX); credit card fraud investigation
Dell is an Equal Opportunity Employer.
To learn more about our commitment to Diversity & Inclusion, visit:
Equal Employment Opportunity Policy Statement
Since 1985, Dell has played a critical role in enabling more affordable and accessible technology around the world. As an end-to-end...