Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

Role Overview

The Secureworks Incident Response team is looking for a Senior Advisor, Incident Response Consultant who will work with various Secureworks teams and Incident Response\Readiness consultants to grow the Secureworks consulting practice. The Incident Response Consultant is primarily focused on the delivery of emergency incident response services. This involves supporting customers by managing the technical and non-technical aspects of incident response, conducting investigative analysis using digital forensics methods to determine the nature, scope, and root cause of cyber incident activity, formulating recommendations for security posture enhancement, and developing tailored remediation plans.

Additionally, the Incident Response Consultant may be required to deliver a range of proactive incident response services. These services include cyber threat hunting to help customers identify unknown compromise activity and gaps in their cybersecurity controls, as well as workshops, training courses, and exercises to help customers improve their incident response capabilities. The candidate will be expected to work on engagements with a minimum requirement of 65% billable work.

This position requires up to 20% travel.

This is a remote position.

Role Responsibilities

Serve as subject matter expert in digital forensics and incident response (DFIR)
Perform complex incident response investigative analysis and develop assessments based on the analysis of host, network, and cloud digital artifacts
Document analysis findings and develop recommendations to present both orally and in written reports to customers
Develop tailored incident response remediation plans for major cyber incidents to direct customer containment and recovery efforts
Manage urgent and critical interactions with customers
Maintain professional, calming, and authoritative presence during a crisis
Participate in a 24x7 on-call rotation for supporting requests from global incident response customers
Travel as needed to assist customers with on-site incident response efforts

Requirements

Minimum five (5) years of cybersecurity experience in complex operating environments
Minimum three (3) years in a customer facing support role (Security Engineer, Client Services, Consulting, Professional Services)
Minimum of two (2) years of host forensics, network forensics, and cloud forensics experience for threat hunting and incident response efforts
GCIH, GCFE, GCFA, GREM or similar certifications
Strong communication skills (oral and written)
Experience briefing senior-level leadership and conveying technical information to audiences of varying backgrounds and skill levels
Ability to prioritize urgent tasks and work multiple consulting engagements concurrently
Desire to work with customers to solve complex cybersecurity issues, including during crisis situations
Theoretical and practical knowledge in the following areas:
- Windows and Linux operating systems
- AWS, Azure (including Microsoft 365), and GCP
- Exploits, vulnerabilities, intrusion vectors, and malware
- Tactics, techniques, and procedures (TTPs) commonly employed by threat actors
- Host forensics, network forensics, and malware analysis techniques
- Network traffic analysis, endpoint activity analysis, and log analysis techniques
- Enterprise cyber incident management and response processes
- Enterprise cybersecurity controls and failure modes
- Modern Enterprise Detection and Response (EDR) tools.

Secureworks is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.

Company

For job seekers

For companies

Cyber Security jobs

Incident Response Consultant

Incident Response Consultant

Incident Response Consultant

Location

Workplace

Type

Posted

Website

Similar Jobs

Principal Incident Response Consultant - (f/m/x)

Incident Response Consultant

Incident Response Consultant - Cloud (Remote)

Sr. Consultant - Incident Response (Remote, UAE)

Sr. Consultant - Incident Response (Remote)

Incident Response Consultant - Identity & Active Directory - US (remote)

Consultant - Cloud Incident Response (Remote, FRA)

X-Force Incident Response APAC OT Lead

Incident Response Sales Operations Lead (Unit 42)

Security Incident Response Coordinator