S-RM is seeking to recruit an Incident Response Associate within the Cybersecurity Team. This is a full-time, permanent position and the successful applicant will report directly to the Head of Incident Response.
The Incident Response Associate will lead information security consultancy engagements with our clients, support internal information security programs, drive new revenue and support pre-sales activity. The candidate will be experienced in responding to cyber breaches, performing forensics investigations, and assessing and planning for events. A broad knowledge of information security is essential; this must encompass a good understanding of the practical application of security technology as well as its theory.
The successful candidate will have a technical engineering background with deep information security and forensics experience. Experience delivering information security consulting projects across a range of disciplines into small, medium and enterprise organizations is a must. They will also be a strong communicator who is comfortable interacting with people at all levels from the C-Suite to technical teams.
MAIN DUTIES AND RESPONSIBILITIES
- Deliver incident response consulting to S-RM’s clients across a broad range of industries
- Perform host- and network-based cyber breach incident response investigations that include:
- System recovery
- Technical evidence collection
- Forensics, log, malware and root cause analyses
- Identify attacker tools, tactics and procedures
- Develop incident management plans, deliver training, and conduct table-top exercises
- Document and maintain internal incident response policies and procedures and support the build and evolution of tools and frameworks
- Create client-ready documents and presentations
- Perform knowledge transfer across the S-RM Cybersecurity Team globally
- Lead on cybersecurity pre-breach engagements, which include:
- Information security controls assessments
- Risk assessments
- Vulnerability assessments
- Regulatory and compliance assessments
- Develop and deliver security awareness training
- Contribute to marketing and business development efforts
- Document and maintain incident response policies and procedures
Participate in an on-call rotation to provide 24X7X365 client incident coverage
The role can be performed remotely or from our offices in New York City or Washington D.C
SKILLS, QUALIFICATIONS, & EXPERIENCE
The qualifications and experience to perform this role successfully are:
- Bachelor’s degree in Computer Science (with a focus in security) preferred but not necessary
- 2-3 years of direct experience in incident response, digital forensics, malware analysis and/or security operations (SOC)
- 2-3 years of consulting experience or 4-5 years of experience working in a technical infrastructure role
- Advanced working knowledge of endpoint, memory and network forensics tools (such as FTK, Encase, Volatility, SIFT, Wireshark)
- Able to perform malware analysis (static and dynamic)
- Knowledge of at least one scripting language (like Python, Ruby, PHP or Powershell) that can be utilized to automate tasks is highly desirable
- Excellent writing and presentation skills with the ability to convey complex technical information clearly and concisely and tailored to any audience, including C-suite
- Network administration understanding to include configuration of firewalls, switches and routers is preferred
- Sound knowledge of security tools such as SIEM, firewalls, IDS/IPS, proxies, AV is preferred
- Certifications such as CREST, GNFA, GCFA, GCFE, GCIA, GCIH, GREM, CCIM, EnCE, EnCEP, ACE are highly desirable.
The individual will need to have the following key personal skills and attributes to perform successfully in this role:
- First and foremost, must be a good team player
- Passionate interest in information security and dedication to continued professional development
- Ability to work with little oversight in a rapidly changing, unstructured environment in a small team
- Strong analytical and problem-solving skills
- Ability to thrive under pressure and work to tight deadlines
- Excellent verbal and written communication skills
- Ability to respond to incidents during non-business hours
- Ability to travel, including internationally
- Ability to work innovatively, without compromising on quality.
The successful candidate must have permission to work in the United States by the start of their employment.
S-RM nurtures a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.