Senior Associate, Data & Technology, Cybersecurity Incident Response (Remote)
Company: Ankura
Location: Portland
Posted on: June 23, 2022
Job Description:
Ankura is a team of excellence founded on innovation and
growth.Practice OverviewAnkura's Cybersecurity Practice offers a
full-service suite of information security and privacy solutions
for clients, regardless of industry or size. We provide proactive
preparedness, incident response, cyber resilience, and managed
advisory services customized to clients' requirements. The Cyber
team is composed of leaders from the intelligence community,
including former FBI and CIA personnel, private security firms, and
pioneering technology companies. Our experts assess cyber risk and
readiness, test and harden clients' infrastructure, and respond
instantly and decisively when threats arise. We regularly advise
boards of directors, members of the C-suite, general counsel,
outside counsel, IT leaders, and other stakeholders at all stages
of any cyber incident.Role OverviewOur Cybersecurity practice is a
rapidly growing part of the Data & Technology segment of our
business. Our professionals help our clients address their critical
information security challenges, including incident
investigation/response, as well as assessing and reducing
information security risks.***This is a REMOTE opportunity Mount or
Pacific Time zone Preferred***Responsibilities
- Participate in security incident investigations that involve
computer crimes and require log, forensic, and malware
analysis
- Collect and analyze intrusion detection system alerts, firewall
logs, network traffic logs, and host system logs to evaluate
whether unauthorized access or information ex-filtration
occurred
- Perform forensic analyses to identify the presence of any
malware, malware capabilities/actions, and what actions the malware
took
- Conduct security investigations in Linux, Apple, and/or Windows
environments
- Provide input into client communications, both written and
oral, related to analyses performed for senior-level
reviewQualifications
- Approximately -2 - 5 years of experience working in the
Incident Response space
- Understanding of how to communicate effectively and concisely
with legal counsel, high-level management, and C-suite clients
- Ability to approach and prioritize projects both from a
long-range and immediate view
- Experience working with non-Windows programs (such as Linux,
Unix, Mac)
- Comfortable conducting command-line operations and utilizing
scripts such as Python, PowerShell, Perl, or Bash
- Experience working on projects in an investigatory capacity -
either law enforcement or incident response
- Strong desire to work on a team in a collaborative environment
to achieve common goals
- Ability to correlate events from multiple sources to create a
timeline analysis across endpoints of an incident
- Exceptional organizational skills, including detailed
note-taking abilities
- Strong conceptual, as well as quantitative and qualitative
analytical skills
- Passion about Incident Response, and a desire for continuous
improvement in expertise
- Ability to lead and mentor other consultants
- Received training in digital forensics and incident response
related fields
- Preference is given to candidates with certifications such as
CFCE, CCE, GCFE, GCFA, GCIH, GREMAnkura is proud to be an equal
opportunity employer committed to fostering a diverse and inclusive
environment where mutual respect and collaboration is paramount.
All qualified applicants will receive consideration for employment
without regard to age, race, color, religion, sex, sexual
orientation, gender identity and expression, disability, protected
veteran status, national origin, or any other legally protected
status.
Keywords: Ankura, Portland , Senior Associate, Data & Technology, Cybersecurity Incident Response (Remote), IT / Software / Systems , Portland, Maine
Didn't find what you're looking for? Search again!
Loading more jobs...