REF: 1223534
Senior Incident Response Consultant
The Senior Incident Response Consultant will work within established methodologies to perform a variety of Incident Response related activities for Cisco customers, to include responding to cyber incidents, proactively hunting for adversaries in customer networks, designing and performing Table Top Exercises, and performing IR Readiness Assessments. The Senior Incident Response Analyst will also be responsible for leading and working on projects that will support tactical and strategic business objectives. As this is among the first IR consultants in-region, you will also be responsible for helping enable our sales team and assisting sales to help win business. Demonstration of leadership abilities, clear and concise communication with a variety of stakeholders, ability to lead during a crisis, personal agility to adapt to changing environments, and a strong comprehension of malware, emerging threats and calculating risk will be critical to success.
Who You’ll Work With
When you work with us, you’ll be part of a highly empowered collaborative team focused on both helping our clients be both better prepared to defend against adversaries on their network, as well as responding to active incidents within their network.
Who You Are
Both your clients and your teammates consider you a charismatic, articulate individual and a born diplomat. You check your ego at the door and learn from others constantly, while also helping to educate those who aren’t as versed as you are in topics. As a result, you have a track record of working tirelessly to help your clients and teammates and have even come up with some novel techniques in your time.
Required Skills:
Respond to cyber incidents caused by internal and external threats to our customers, that may involve nontraditional working hours
Work with leadership and sales to both present and train on IR, as well as presenting and meeting with potential clients to help drive business
Specialize in host centric analysis utilizing a variety of tools (e.g. F-Response, X-Ways, Volatility, Cisco AMP, etc…)
Specialize in network centric analysis utilizing a variety of tools (e.g. ELK, StealthWatch, Cisco Umbrella, etc…)
Design, lead and participate in Table Top Exercises with customers
Proactively hunt for adversaries on customer networks utilization a variety of tools and techniques
Lead and perform Incident Response Readiness Assessments for customers
Draft communications, assessments, and reports that may be both internal and customer facing, to include leadership and executive management
Understanding of different attacks and how best to design custom containment and remediation plans for customers
Serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams. As-needed, manage relationships with business partners, management, vendors, and external parties
Lead projects as directed by leadership
Be a champion for process. Develop and document processes to ensure consistent and scalable response operations
Demonstrate industry leadership through blog posts and public speaking at conferences and events
4-year degree in Computer Science or a related technical degree
Minimum 5 years of experience in information security
Minimum 4 years of experience handling incidents
Must be willing to be on-call and work off-shift hours, to include nights, weekends, and holidays
Must be willing to routinely travel with less than 24-hour notice, up to 35% of the time
Desired Characteristics:
Detailed understanding of Advanced Persistent Threat (APT), Cyber Crime, Hacktivism and associated tactics
Strong track record of understanding and interest in recognized IT Security-related standards and technologies, demonstrated through training, job experience and/or industry activities
IT security certifications
Industry certifications such as the CISSP, CISM, CISA, GCIH, CFCE, GFCA, and/or GCFE
Why Cisco
