1 week ago
DescriptionLead Consultant (FortiGuard Incident Response)We are seeking a dynamic Lead Consultant (FortiGuard Incident Response) to contribute to the success of our rapidly growing business.
About the RoleAs a Lead Consultant (FortiGuard Incident Response), you will lead IR engagements and mentoring/training junior analysts, focus on process improvement for customer-facing incident response services, conduct host-based analysis and forensic functions on Windows, Linux, and Mac OS X systems, review firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity, leverage our FortiEDR Platform to conduct investigations to rapidly detect and analyze security threats, perform basic reverse engineering of threat actor's malicious tools, develop complete and informative reports and presentations for both executive and technical audiences, and monitor underground forums, our FortiGuard Threat Labs, along with other open-source intelligence outlets to maintain proficiency in the latest actor tactics and techniques.
Key ResponsibilitiesLead IR engagements and mentoring/training junior analysts
Focus on process improvement for customer-facing incident response services
Conduct host-based analysis and forensic functions on Windows, Linux, and Mac OS X systems
Review firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity
Leverage our FortiEDR Platform to conduct investigations to rapidly detect and analyze security threats
Perform basic reverse engineering of threat actor's malicious tools
Develop complete and informative reports and presentations for both executive and technical audiences
RequirementsExperience with at least one scripting language: Shell, Ruby, Perl, Python, etc.
Ability to data mine using YARA, RegEx, or other techniques to identify new threats
Experience with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools a plus
Experience with malware analysis tools such as IDA Pro, OllyDbg, Immunity Debugger
Hands-on experience dealing with APT campaigns, attack Tactics, Techniques and Procedures (TTPs), memory injection techniques, static and dynamic malware analysis and malware persistence mechanisms
Strong knowledge of operating system internals and endpoint security experience
Able to communicate with both technical and executive personnel
Excellent written and verbal communication skills a must
Reading and writing skills in non-English languages such as Chinese and Russian a plus
Analysis of Linux and MAC binary files and understanding of MAC internals is a plus but not required
Highly motivated, self-driven, and able to work both independently and within a team
Able to work under pressure in time-critical situations and occasional nights and weekends work
A good understanding of Active Directory a plus
Bachelor's Degree in Computer Engineering, Computer Science, or related field
Or 10+ years' experience with incident response and/or Forensics
What We OfferWe embrace diversity and inclusivity.
We encourage applications from diverse backgrounds and identities.
Explore our welcoming work environment designed for a rewarding career journey with an attractive Total Rewards package to support you with your overall health and financial well-being.
Estimated Salary: $120,000 - $180,000 per year
#J-18808-Ljbffr