Incident Response Consultant (Reactive)
The Crypsis Group is a respected security advisory firm with a vision to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is comprised of recognized experts and incident responders with deep technical expertise and experience in investigations, data breach response, digital forensics and information security. With a highly-successful track record of delivering mission critical cyber-security solutions, we are experienced in working quickly to provide effective incident response, attack-readiness and remediation plans with a focus on providing long term support to improve our clients’ security posture.
Responsibilities for the Incident Response Security Consultant include:
- Perform reactive incident response functions including but not limited to: host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
- Examine firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.
- Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Crypsis investigation tools to determine source of compromises and malicious activity that occurred in client environments.
- Provide support on incident response engagements to senior level team members to guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations.
- Ability to perform light travel requirements as needed to meet business demands (on average 20%).
Qualifications for the Incident Response Security Consultant include:
- 2+ years of incident response or digital forensics experience with a passion for cyber security
- Proficient with host-based forensics and data breach response
- Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools
- Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field
Compensation for the Incident Response Security Consultant includes:
- Competitive base salary with quarterly bonus plan
- Full Benefits: Cigna Healthcare, MetLife Dental, VSP Vision, and 401k with Voya
- Open Paid Time Off Policy, Paid Annual Training/Conference Program, and Unique Office Perks
Keywords: DFIR, Incident Response, Post Breach, Reactive, Consulting, Digital Forensics, Host Based Analysis, Malware, FTK, WireShark