Summary/Objective
The Entry Level Incident Response Analyst is a highly motivated self-starter with a passion for problem
solving through challenging and high-stakes situations. This exciting role presents the opportunity to dive
deep into host systems and track down attacker activity and indicators of compromise. You will be able to
work alongside an excelling team while you uncover threats to protect the infrastructure and aid in the
recovery of essential business operations.
Essential Functions
Analyzing event and system logs, performing digital forensic and malware analysis/triage, and analysis on related incident response data
Creating timelines and relationships between fractional data through deductive reasoning
Liaising with client operations and technical teams to implement remediation plans post incident
Offering consulting and providing regular updates for project managers and client POCs
Developing and generating comprehensive reports for both technical and executive level audiences.
Required Skills, Experience, Degrees or Certification
1-2 years’ experience in a technical or IT operations environment
Ability to comprehend incident response processes and best practices
Familiar with intrusion detection systems such as Snort, tcpdump, and Wireshark
Understanding of various attack vectors, threat tactics, and attacker techniques
Knowledgeable on network architecture and security infrastructure
Experience with Windows operating systems and command line tools
Understanding of ports, sessions, DNS, and HTTP
Preferred Skills, Experience, Degrees or Certifications
Bachelor’s degree in Computer Science or related field
Experience working on a mission-critical security operations team
Excellent written and communication skills
A strong desire to be challenged and an openness to learn continuously
Knowledge of webshells, DNS servers, vs HTTP proxy
OSINT skills
Experience with forensic capture tools such as FTK Imager
Knowledge of forensic analysis tools such as EnCase, Axiom, and X-Ways
Job Type
Full-time/Exempt
Location
100% Telecommuting
% of Travel Required
0-5%
Physical Requirements
Prolonged periods of sitting at a desk and working on a computer.
CyberClan is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.