Incident Response Handler (Mid-level)

Note: We are interviewing candidates located in Washington, DC and Charlotte, NC.

This position reports to the Director, Security Engineering & Operations and will work as part of the Security Engineering and Operations Team to help clients respond to and recover from cybersecurity incidents.

Duties
●  Assist in responding to and recovering from sensitive client incidents.
●  Assist in collecting and analyzing computer artifacts, including malware, user activity, and log files.
●  Assist with triaging electronic devices and correlating forensic findings with network events to further develop an intrusion narrative.
●  Assist with incident triage.
●  Collaborate with the Incident Response Team to provide threat analyses, mitigation and countermeasure recommendations, after action reports, summaries, etc. in areas such as perimeter defense, malicious software analysis, attack vector analysis, computer network defense, incident handling, risk analysis and readiness, and strategic planning analysis.
●  Assist in producing and developing reports and briefings for senior client executives based on defined engagements.

Other key duties and responsibilities

●  Assist with Blue Team engagements, as needed.
●  Work closely with leadership to ensure that the incident response service offering closely aligns with the mission and goals of Fortalice.

Qualifications

●  Bachelor’s degree in cybersecurity or a related field and three (3) years of relevant experience OR a high school diploma and five (5) years of relevant experience.
●  One or more of the following certifications preferred: GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM).
●  Basic technical skills surrounding incident response, threat hunting, and security engineering.
●  Demonstrated detail-oriented self-starter with the ability to work independently in collaborative team environments.
●  Ability to work on varying priorities and projects simultaneously.
●  Strong written and oral communication skills (both internal and client-facing).
●  Strong proficiency with basic command line usage, tcpdump, nmap, grep, log aggregation or correlation tools (e.g. Elastic, Splunk, etc.).