Incident Response Analyst
Dell - United States

Dell SecureWorks is a market-leading provider of world-class information security services with over 3,000 clients worldwide spanning North America, Latin America, Europe, the Middle East and the Pacific Rim. Organizations of all sizes, including more than ten percent of the Fortune 500, rely on Dell SecureWorks to protect their assets, improve compliance and reduce costs. The combination of strong client service, award-winning security technology and experienced security professionals makes Dell SecureWorks the premier provider of information security services for any organization. Positioned in the Leader’s Quadrant of Gartner’s Magic Quadrant for MSSPs, Dell SecureWorks has also won SC Magazine's "Best Managed Security Service" award for 2006, 2007, 2008, 2009 & 2011.

Role:
Dell SecureWorks provides incident response and digital forensics services as part of its consulting practice and is looking for an incident response and forensics analyst consultant.
Our team of experts covers a range of incident assignments, including:
  • Analysing data breaches, determining the cause and extent of data loss, and advising on immediate, mid-term and long-term remediation;
  • Briefing and/or advising executive management on breach response and best practices;
  • Handling complex computer forensics investigations and providing expert services in data leakage, employee malfeasance, and APT investigations;
  • Providing focused e-discovery consulting, collection and processing;
  • Providing breach plan after-action analysis;
  • Providing CIRT plan and program development and disclosure planning through table top and war gaming scenarios and compliance integration.
We are looking for someone with:
  • In-depth incident response/computer forensic experience
  • Previous consulting exposure is required to understand the lifestyle
  • Ability to travel up to 70%
The right candidate will possess strong analytical capabilities; be able to triage multiple cases; function in a highly confidential environment; survive without an administrative assistant; and be able to work in a team or on their own. While highly technical, the position also requires an understanding of what makes people tick. In particular, the right candidate will have the ability to rapidly shift gears between a techie and an investigative mind-set, and have excellent research skills, being able to analyse and synthesize data from different sources.

Requirements of the role:
1. Active experience as part of an incident response team (either in-house or as a consultant)

2. Two or more of the following certifications (one certification from each group at a minimum):
  • Group 1: GIAC Certified Incident Handler (GCIH); GIAC Certified Intrusion Analyst (GCIA); GIAC Reverse Engineering Malware (GREM);
  • Group 2: GIAC Certified Forensic Analyst (GCFA); GIAC Certified Forensic Examiner (GCFE); EnCase Certified Examiner (EnCE); Certified Computer Examiner (CCE); AccessData Certified Examiner (ACE)
3. Working knowledge of forensic tools such as EnCase, FTK, Helix, Knoppix, Slax, Sleuthkit, SIFT, BlackLight and/or MacForensicsLab.
4. Experience with Unix, Linux, Mac, and Windows systems; a solid understanding of networking, firewalls, and the various protocols involved in data sharing and communications
5. Working knowledge of current data collection, storage, and chain of custody best practices
6. Must possess excellent written and verbal communication skills
Essential Duties & Responsibilities:
  • Able to work on multiple projects concurrently, manage time effectively, and require minimal supervision in the execution of a project
  • Perform network assessments and other client work related to Dell SecureWorks professional services offerings
  • Document findings and create reports for professional services clients in both written and verbal formats
  • Ability to perform project tasks with little or no supervision
  • Ability to create detailed, professional documentation to be delivered to the client
  • Able to create and recommend remediation for security issues
  • Provide specific recommendations for a client’s business or technical issues
While not essential, the following would enhance a successful application:
1. Experience with Snort, Nmap, and/or Backtrack. Understanding of managed security services (MSS) and log retention services.
2. Ability to surreptitiously monitor a network and construct a honeypot
3. Working knowledge of cell phone/PDA forensic tools (e.g. Paraben Device Seizure, Guidance Neutrino, BitPim, Cellebrite, AccessData Mobile Kit)
4. Experience testifying, preferably as an expert, in the area of digital investigations or info sec best practices
5. Experience presenting to potential clients or trade groups in the area of incident response or computer forensics
6. Knowledge of open-source analysis, collection, and file repair tools
7. Experience scripting (e.g. Perl, Python, Enscript, Bash, PowerShell, Ruby) and/or coding
8. Experience with malware assembly / debugging / reversing
9. Experience working in a data-regulated industry (e.g. HIPAA, breach notification laws, PCI, SOX); credit card fraud investigation

Education and Experience:
  • Bachelor's degree preferred or equivalent, preferably in computer science or information systems or equivalent work experience
  • Relevant technical and professional certifications set out above