The ideal candidate will have hands-on experience performing data breach response, in addition to knowledge of security risk assessments, reactive incident response, and computer forensics (ransomware is a plus). This person will provide a high level of customer service and communication to clients around the country, deploying various technical, analytical, and legal tactics in a fast-paced environment.
Summary of Responsibilities
- Participate in engagements related to preemptive data breach response; analytics and reporting for litigation, data breaches, and regulatory response; workplace and employment issues, including theft of trade secrets; and investigations related to network breaches/unauthorized access of data through computer forensics and incident response
- Deliver exceptional client services, including communicating with the client throughout the entire project lifecycle to better understand client needs
- Remain highly responsive and ensure all deadlines are met
- Perform data breach response, cyber risk/security assessments, and remain involved in phases such as penetration testing, vulnerability scanning, and log configuration
- Engage with attackers directly to resolve cyber extortion incidents
- Participate in CSIRP development and gap analysis, tabletop exercises, incident response and computer forensics, and data breach response with best practices
- Experience with scan/assessment tools such as Metasploit, Nessus, Burp Suite, Core Impact, and/or others
- Handle web application exploitation, server and client-side attacks, and protocol subversion
- Perform IT System and Network Audits; write technical reports
- Remain abreast of computer networks, hardware, communications, and connectivity
Qualifications and Required/Preferred Experience
- 1-5 years of relevant experience described above; prior experience consulting in the private sector is a major plus
- Bachelor’s degree or Master’s degree in Cyber Security, Computer Science, Information Security, or other related fields is preferred
- Certifications: SANS, EnCE, CISSP, or other relevant security certifications are preferred
- Familiarity with Windows, Linux, Mac, and UNIX systems
- Proficient in one or more of the following languages: C, C++, Visual Basic, Python, Ruby, JavaScript, Perl
- Knowledgeable about encryption and encoding methods, communication protocols, and algorithms
- Enthusiastic about delivering the highest quality results to clients on time and on budget
- Able to triage multiple cases simultaneously
- Self-driven to deliver the highest level of results for clients