Senior Associate, Data & Technology, Cybersecurity Incident Response (Remote)

Company: Ankura
Location: Portland
Posted on: June 23, 2022

Job Description:

Ankura is a team of excellence founded on innovation and growth.Practice OverviewAnkura's Cybersecurity Practice offers a full-service suite of information security and privacy solutions for clients, regardless of industry or size. We provide proactive preparedness, incident response, cyber resilience, and managed advisory services customized to clients' requirements. The Cyber team is composed of leaders from the intelligence community, including former FBI and CIA personnel, private security firms, and pioneering technology companies. Our experts assess cyber risk and readiness, test and harden clients' infrastructure, and respond instantly and decisively when threats arise. We regularly advise boards of directors, members of the C-suite, general counsel, outside counsel, IT leaders, and other stakeholders at all stages of any cyber incident.Role OverviewOur Cybersecurity practice is a rapidly growing part of the Data & Technology segment of our business. Our professionals help our clients address their critical information security challenges, including incident investigation/response, as well as assessing and reducing information security risks.***This is a REMOTE opportunity Mount or Pacific Time zone Preferred***Responsibilities

• Participate in security incident investigations that involve computer crimes and require log, forensic, and malware analysis
• Collect and analyze intrusion detection system alerts, firewall logs, network traffic logs, and host system logs to evaluate whether unauthorized access or information ex-filtration occurred
• Perform forensic analyses to identify the presence of any malware, malware capabilities/actions, and what actions the malware took
• Conduct security investigations in Linux, Apple, and/or Windows environments
• Provide input into client communications, both written and oral, related to analyses performed for senior-level reviewQualifications
  • Approximately -2 - 5 years of experience working in the Incident Response space
  • Understanding of how to communicate effectively and concisely with legal counsel, high-level management, and C-suite clients
  • Ability to approach and prioritize projects both from a long-range and immediate view
  • Experience working with non-Windows programs (such as Linux, Unix, Mac)
  • Comfortable conducting command-line operations and utilizing scripts such as Python, PowerShell, Perl, or Bash
  • Experience working on projects in an investigatory capacity - either law enforcement or incident response
  • Strong desire to work on a team in a collaborative environment to achieve common goals
  • Ability to correlate events from multiple sources to create a timeline analysis across endpoints of an incident
  • Exceptional organizational skills, including detailed note-taking abilities
  • Strong conceptual, as well as quantitative and qualitative analytical skills
  • Passion about Incident Response, and a desire for continuous improvement in expertise
  • Ability to lead and mentor other consultants
  • Received training in digital forensics and incident response related fields
  • Preference is given to candidates with certifications such as CFCE, CCE, GCFE, GCFA, GCIH, GREMAnkura is proud to be an equal opportunity employer committed to fostering a diverse and inclusive environment where mutual respect and collaboration is paramount. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity and expression, disability, protected veteran status, national origin, or any other legally protected status.

Keywords: Ankura, Portland , Senior Associate, Data & Technology, Cybersecurity Incident Response (Remote), IT / Software / Systems , Portland, Maine