Senior Security Analyst
Lennar
AWSAzureCloudCyber SecurityPythonServiceNow
DFIR Consultant / Senior DFIR Consultant
GuidePoint Security
full-time
Posted on:
Origin: • 🇺🇸 United States
Visit company websiteJob Level
Senior
Tech Stack
AWSAzureCloudCyber SecurityGoPython
About the role
- Operate as a technical resource within the Practice and actively participate in DFIR investigations
- Effective engagement communication, time management, and collaboration with peers
- Author comprehensive engagement deliverables tailored to technical and managerial audiences detailing findings, recommendations, business impact, and remediation strategies
- Foster client relationships by providing support, information, and guidance
- Utilize automation, orchestration, and scripting to reduce manual processes and improve efficiency
- Contribute to integration of open-source and commercial tools to improve DFIR processes and procedures
- Perpetually strengthen skills, knowledge, and abilities to stay at the forefront of the information security industry
- Maintain a strong desire to learn, adapt, and improve
- Perform other duties as assigned
Requirements
- Two (2+) years of experience performing incident response investigations
- Four (4+) combined years of IT and information security experience
- Four (4+) years of experience performing incident response investigations (Senior DFIR Consultant)
- Six (6+) combined years of IT and information security experience (Senior DFIR Consultant)
- Prior experience in a Consulting Services role (preferred)
- Experience with Digital Forensics & Incident Response (DFIR) methodology and process (preferred)
- Core capabilities include: Network traffic analysis; Host forensics; Malware handling / triage; Log review; BEC Analysis (preferred)
- Experience with a variety of industry-related solutions including EDR, NDR, XDR, SIEM, FW, NGAV, Velociraptor, and others (preferred)
- Experience with common programming languages including PowerShell, Python, BASH, Go, or others (preferred)
- Experience with cloud technologies for the enterprise, such as Amazon Web Services, G Suite, M365, and Azure (preferred)
- Awareness of attacker techniques, advanced threat groups, and integration of intelligence into an investigation (preferred)
- Other relevant industry certifications, such as but not limited to CISSP, GCIA, GCIH, GDAT, GCFE, and GFCA (preferred)
Similar jobs on JobTailor
Consulting Director – Specialized and Proactive Services
Palo Alto Networks
AWSAzureCloudCyber SecurityGoogle Cloud Platform
Security Operations Engineer
Brown & Brown Insurance
AWSAzureCloudFirewallsGoogle Cloud PlatformPythonTerraform
VP, Enterprise Security Tools
LPL Financial
AWSCloudCyber SecurityElasticSearchPythonShell ScriptingSplunk
Cyber Security Analyst
Diabetes Youth Families
AWSAzureCloudCyber SecurityDNSGoogle Cloud PlatformPythonSplunkTCP/IP