Summary:
Our mission is to assess and protect companies against advanced cyber-attacks and to help their security teams operate with super-human efficiency. Our approach is simply different from what is available today, and we aim to build a world-class, enduring capability that protects the information assets that enrich our world. We are looking for the best talent to lead the best security solutions.
Our team is composed of customer-focused professionals with best-in-class industry experience: extremely talented and friendly individuals who are looking for new members who are passionate, motivated, and, most of all, enjoy working closely with customers to ensure their success.
Responsibilities
- Lead and deliver attack surface security assessment engagements
- Perform threat hunting for our Managed Detection and Response (MNDR) solution
- Lead and deliver compromise assessment engagements using both endpoint and network technology
- Lead and deliver client Incident Response (IR) engagements
- Conduct Digital Forensics and Incident Response (DFIR) analysis, network log and PCAP analysis, malware triage, and other investigative activities in support of Incident Response investigations
- Scope and contain incidents using Endpoint Detection and Response (EDR) tools and network appliances
- Collect, process, automate, and analyze network and endpoint forensic artifacts using tools such as Plaso, Wireshark, Timesketch, ELK, and/or Splunk
- Develop scripts and tools to automate the analysis of forensic artifacts and other response solutions
- Evolve existing Labs methodologies to enhance and improve our security services and DFIR practice
- Assist with client incident scoping calls and participate in the incident from kickoff through containment and remediation
- Provide training, present to small groups, write blogs, and speak at conferences such as Black Hat and BSides
- Write executive and technical reports for client engagements
Other Desired Skills
- Excellent consulting and customer-facing skills
- Strong understanding of network security concepts
- Cloud (AWS, Azure, GCP, and O365) security assessment or DFIR experience
- Advanced Python, Go, and/or PowerShell
- Familiarity with consuming and/or writing APIs
- SANS or CREST certified
- Ability to deliver engagements in English, German, or French
Requirements
- 3 or more years’ experience leading IR, compromise assessment, and/or threat hunting services
- Experience with proactive or reactive engagements involving ransomware and/or business email compromise (BEC)
- Proficient with host-based (Windows, macOS, and/or Linux) forensic triage and analysis
- Proficient with network-based threat hunting and analysis
- Ability to conduct dynamic malware analysis to quickly characterize a sample and extract the indicators of compromise (IOCs) it generates
- Must have experience writing scripts in Python, Go, and/or PowerShell
- Familiar with Splunk or ELK
- Knowledge of, and the ability to use, popular EDR technologies during DFIR engagements
- Ability to prioritize and complete multiple tasks with little to no supervision
- Ability to work independently or as part of a collaborative team effort
- Ability to travel part-time for customer engagements
Additional Information
All your information will be kept confidential according to EEO guidelines.