Sr. Consultant, Incident Response (Remote)
Am I a Senior Consultant Candidate?
Do you find yourself interested in and keeping up with the latest vulnerabilities and breaches?
Are you self-motivated and looking for an opportunity to rapidly accelerate your skills?
Do you crave new and innovative work that actually matters to your customer?
Do you have an Incident Response or Information Security background that you’re not fully utilizing?
Are you capable of leading teams and interacting with customers?
Do you love working around like-minded, smart people who you can learn from and mentor on a daily basis?
Typical Responsibilities:
Perform host and/or network-based forensics across Windows, Mac, and Linux platforms.
Perform basic malware analysis.
Conduct red-team, penetration testing activities by leveraging actual adversary TTPs.
Assess and develop information security and incident response programs in a proactive fashion to help mature the security posture of organizations prior to an incident.
Lead incident response and proactive engagements.
Produce high-quality written and verbal reports, presentations, recommendations, and findings to customer management.
Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.
Manage internal programs or teams.
Required Qualifications
Successful candidates will have experience in one or more of the following areas:
Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as Advanced Persistent Threats, Organized Crime, and Hacktivists.
Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
Network Forensic Analysis: strong knowledge of network protocols, network analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs.
Reverse Engineering: ability to perform static and dynamic malware analysis.
Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations.
Cloud Development: excellent knowledge in any of the following areas: AWS, Azure, GCP, Splunk or Elasticsearch.
Programming/Scripting: experience coding in Python, PowerShell, Bash, or Go.
Additionally, all candidates must possess the following qualifications:
Capable of completing technical tasks without supervision.
Desire to grow and expand both technical and soft skills.
Strong project management skills.
Contributing thought leader within the incident response industry.
Ability to foster a positive work environment and attitude.
Ability to travel on short notice, up to 50% of the time.