Match score not available

Senior Incident Response Consultant

Remote: 
Full Remote
Contract: 
Experience: 
Senior (5-10 years)
Work from: 

Offer summary

Qualifications:

Significant experience in forensic and incident response., Technical certifications like GCIH or GCFA preferred., Hands-on knowledge of Windows and Unix OS., Experience in technical consulting roles..

Key responsabilities:

  • Conduct forensic investigations on host and network.
  • Triage high-stakes security events and develop IOCs.
Pondurance logo
Pondurance Cybersecurity SME https://www.pondurance.com/
51 - 200 Employees
See more Pondurance offers

Job description

Senior Incident Response Consultant
REMOTE

About the Role:

Are you a people person with cybersecurity expertise? Are you able to provide exceptional
support to customers in their greatest time of need? Do you want to influence real change? Do
you want to be part of the solution? Then join Pondurance in ensuring every organization is able
to detect and respond to cyber threats – regardless of size, industry or current in-house
capabilities.

As part of the Incident Response team at Pondurance, your focus will be supporting the IR
lifecycle and providing indicators to the SOC that will assist in enhanced detection capabilities of
network, log, and host data. You will utilize your technical chops to analyze intrusions, detect
incidents, and assist in responding to our clients. You must be capable of working in a high
stress IR situation and effectively navigate through the IR lifecycle. You will be responsible for
leading the technical analysis of an IR investigation as well as communicating effectively and
providing off-hours support as needed.

Responsibilities:
  • Conduct forensic host, network, and application technical investigations
  • Triage active high-stakes security events, including reviewing and applying security controls to detect, respond, prevent and remediate threats
  • Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
  • Develop custom scripts, tools, or methodologies to enhance our IR processes
  • Develop comprehensive and accurate reports of forensic findings and IR activities for both technical and executive audiences
  • Effectively communicate investigative findings and strategy to various client stakeholders
  • Provide clients with immediate actionable 0-day cybersecurity advice to stop and mitigate the damage of ongoing attacks
  • Assist with the scoping of new engagements using a whole lifecycle approach, guiding the client from initial discovery through mitigation and remediation

Technologies:
  • Strong hands-on working knowledge of:
    • Windows OS and networking protocols
    • Windows disk and memory forensics
    • Unix OS and networking protocol
    • Network traffic analysis
    • Scripting and/or programming
  • Experience with commercial EDR (SentinelOne, Blackberry PROTECT, CarbonBlack, CrowdStrike) and Forensic tool suites (FTK, AXIOM, EnCase)
  • Reverse engineering and malware analysis
Knowledge and Skills:
  • Significant experience in a forensic and incident response role
  • One or more of the following technical certifications preferred:
    • GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), MCFE, EnCE or equivalent certifications
  • Demonstrated experience using analytical skills in a cybersecurity environment to triage and detect events transpired and deal with Ransomware forensic investigations
  • Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats
  • Experience in a technical role for a consulting company
If you have other combinations of relevant skills and experience that you expect make you the
right candidate for this role, please let us know!
 

Who we are:

At Pondurance we embrace, educate, and protect people by helping make our world a better and safer place.  We believe in inviting good people into our company who are driven to become great!  

Every person at Pondurance is encouraged to focus and grow in their individual areas of interest, passion, and career path. We have accessible leaders as Mentors who believe “None of us are as smart as all of us” (R. Pelletier). 

We believe everyone has the freedom to be themselves, especially at work and so we embrace, support, and celebrate each other. Each one of us influences our company’s direction through speaking up, you have a voice and we want you to use it.  

Do you want to be a part of something different? Do you want to influence real change? Do you want to be part of the solution? Then join us in redefining the security and cyber risk landscape.

 

What We Offer:

The opportunity to apply your expertise, take on new challenges, and help customers address their biggest security objectives.

An inclusive culture of teamwork that embraces the diversity of our people and communities in which we work.

Some of the corporate benefits (there are more) for full-time employees include:

  • Medical, dental, vision, disability, FSA, HSA, life and AD&D insurance, 401(k) Plan. 
  • Time off: PTO, sick, holiday, & parental leave details are available
  • Money: We provide competitive compensation packages based on the market and your overall credentials.

Although this is a remote role, if you live close by, you’ll have access to our office locations: McLean, VA or Indianapolis, IN.

To promote a healthy and safe work community we require background and drug screenings as part of our hiring process. Details of our process will be provided upon request.  

We are an equal opportunity employer focused on celebrating diversity and inclusion. We believe that each individual should be treated equally without regard to race, color, identity, national origin, protected veteran status, religion, sex including sexual orientation and gender identity, disability, or any other characteristic protected by law.

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry :
Cybersecurity
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Communication
  • Analytical Skills
  • Decision Making

Incident Response Analyst Related jobs