Unlimited Response Senior Advisor (Romania)

Role Responsibilities

• Team member will operate as initial escalation path for incident response escalations originating from Secureworks MXDR service
• Review security-related events and assess their risk and validity based on available telemetry from network, endpoint, and global threat intelligence information to provide customers with concise, detailed, and well-written incident reports, root causes identification, and remediation recommendations
• Perform technical analysis and develop technical conclusions based on analysis of evidence
• Serve as subject matter expert in incident response and digital forensics
• Perform complex incident response technical analysis and develop technical conclusions based on analysis of evidence; review analysis and conclusions of other consultants
• Document findings and develop incident response remediation recommendations to present both orally and in written reports for customers
• Develop playbooks based on customer needs
• Use the Secureworks platform to proactively hunt for and investigate activity within the customer environment

Requirements

• 6+ years of advanced security and forensic experience with two or more major operating systems: Microsoft: 8, 8.1, 7, Vista, XP, Server, 2012, 2008, 2003, 2000; OS X; Unix; Solaris and Linux variants; iOS; Android
• Familiarity with Jupyter notebooks and python development for forensic analysis
• Strong security analysis skills of networking data and traffic
• Understanding of threat hunting methodologies using both endpoint and network-based telemetry
• Strong experience with multiple forensic tools (such as Encase, FTK, X-Ways, F-Response, Volatility, Blacklight, MacQuisition, Recon)
• Operational experience with security tools (firewalls, IDS, IPS, SIEMs, proxies, VPNs)
• Understanding of vulnerabilities and tools used to discover/analyse/exploit vulnerabilities (Nessus, Nmap, Metasploit)
• Ability to utilize Markdown markup language to document analysis findings and provide results to customer in an organized manner
• Strong technical communication skills (oral and written) including experience briefing executive management and desire to work with customers to solve complex security issues, including at times in crisis situations
• Understanding of at least one Compliance Framework Experience: ISO 27001/2, FISMA, PCI, HITRUST, NIST 800-series, CoBIT
• Ability to have consultative conversations with the customer focused on service delivery concepts, processes, and technical investigations

Preferred Skills

• 8+ years of information security experience.
• 1+ years of Python development with Jupyter notebook experience
• Bachelor's degree, preferably in computer science, information systems, information assurance; or equivalent work experience
•  Technical or professional certifications such as GCFA, GCTD, GCFR, Microsoft 365/Azure, and AWS