IT Incident Response & Computer Forensics - Dell SecureWorks
Dell Financial Services L.P. - Atlanta, GA

Security Analyst – Incident Response & Handling

The candidate selected for this position will have at least 10 years of experience working on active incidents either as an employee of or a consultant for a large company. The work will be performed on site at the customer location in Atlanta, GA.

Essential Duties and Responsibilities

At least 10 years active experience as part of an incident response team working as an IR Handler (either in-house or as a consultant)

Act as a Subject Matter Expert (SME) for incident response and forensics

Manage and perform incident response activities including:

Searching device and server logs.

Locating malware on a computer

Identifying the attack vector

Remediating infected computer(s)

Building a timeline showing how the incident unfolded.

File carving

Briefing customer on extent of incident and response strategy

Perform storage forensics (for example, hard drives, phones, USB storage)

Utilize Company-owned forensic tools (EnCase, FTK, Helix, Wireshark, etc.) in the course of investigations

Utilize other incident response tools such as Nmap, Wireshark and Snort

Perform network storage forensics (for example, capturing network traffic for analysis)

Perform file-system analysis and file carving (for example, to extract email, documents, and other trace evidence)

Establish timelines and patterns of activity of individuals and electronic devices and software

Follow forensically sound practices, including preserving chain of custody

Consult with Company legal team on privacy, policy and compliance concerns

Develop companywide remediation plan of actions as a result of investigative discovery within Company business and IT infrastructure

Adequately communicate with all key stakeholders to ensure both confidentiality of information and expedient evidence collection

About SecureWorks


Dell SecureWorks is a market-leading provider of world-class information security services with over 2,800 clients worldwide spanning North America, Latin America, Europe, the Middle East and the Pacific Rim. Organizations of all sizes, including more than ten percent of the Fortune 500, rely on SecureWorks to protect their assets, improve compliance and reduce costs.

The combination of strong client service, award-winning security technology and experienced security professionals makes SecureWorks the premier provider of information security services for any organization. Positioned in the Leader’s Quadrant of Gartner’s Magic Quadrant for MSSPs, SecureWorks has also won SC Magazine's "Best Managed Security Service" award for 2006, 2007, 2008, 2009 and 2011.


Required Knowledge, Skills and Abilities

Experience managing large and small scale incidents

Experience leading digital forensic investigations

Working knowledge of forensic tools such as EnCase, FTK, Helix, Knoppix, Slax, Sleuthkit, SIFT, BlackLight and/or MacForensicsLab

Familiarity with the following technologies: Active Directory, virtualization platforms, Microsoft Windows, Unix, Linux, Mac OS X, LDAP, 802.11 wireless, firewalls, routers, network protocols and architecture, databases, VPN/RAS, IDS/IPS

Understanding of risk-based frameworks

Understanding of one or more frameworks: PCI-DSS, Sarbanes-Oxley, NERC-CIP, HIPAA, FISMA, ISO, COBIT, NIST

Broad information security knowledge and experience

Very good understanding of MS Windows architecture and design

Strong understanding of networking protocols such as RIP, EIGRP, OSPF, network tools such as Wireshark and Nmap and networking principles such as subnet masks, CIDR and spanning-tree protocol

CISSP credential

Preferred Knowledge and skills

Bachelor’s degree in Computer Science or related field

GIAC Certified Incident Handler (GCIH)

GIAC Certified Intrusion Analyst (GCIA)

Microsoft MCSE certification.

Social Skills

Good interpersonal communication skills.

Strong writing skills

Some management experience as a team lead is helpful. Candidate may be required to oversee other security staff





Dell is an Equal Opportunity Employer.
