View all jobs

Incident Response Lead

Palo Alto, CA · Information Technology
Title:          Incident Response Lead
Location:   Palo Alto, CA
Duration:   Direct Hire

We are building the next generation computer security incident response team for our global enterprise and you can be a critical part of this creative, fast-paced, and exciting team. We are seeking information security specialist who have expertise in network security monitoring, reverse engineering, host forensics, and incident response.
The ideal candidates will have an open mind, bring a fresh perspective to a new incident response team and be passionate about protecting, defending and responding to computer related incidents.
The senior incident response lead will be directing an agile group of host forensics and incident response personnel. You will be working with enterprise forensic capable systems, log analysis systems, and network collection systems to respond to incidents at a global scale. You will work with industry respected malware and network analysts to coordinate a best in class response to computer related incidents.
Required Skills:
  • Strong analytical, documentation, and communication skills.
  • Familiarity with Windows, Apple, and Linux based operating systems (e.g. XP, Windows 7, 2003, 2008, OS X).
  • 2+ years of experience in information security. Senior Level requires 5+ yrs experience
  • 2+ years of experience working on computer security incident response team.
  • Intermediate skills in malware analysis for Windows based malware.
  • In-depth knowledge of live forensics with enterprise forensics tools such as EnCase Enterprise, Active Defense or Mandiant Intelligent Response.
  • Analytical understanding of Windows registry, NTFS, malicious documents (Office and PDF), Memory, Prefetch and Windows event logs.
  • Working knowledge of TCP/IP, DNS, HTTP,SMTP and SNMP.
  • Strong understanding of network traffic analysis.
  • Used and proficient in EnCase, AccessData or similar forensics software
  • Understand standard forensic methodology.
  • Experience leading agile IR teams
Desired Skills:
  • Accredited degree in computer science or information technology or equivalent years of experience.
  • Experience with version control software (e.g. Git, SVN,CVS) a plus.
  • Experience with enterprise information security data management tools such as ArcSight or Splunk.
  • Maintain or received forensics or incident response certification (e.g. EnCE, GCFA, GREM, or GCIA)
  • Taught or informally trained on the subject incident response or forensics analysis.
  • Knowledge of two or more of the following languages (Perl, Python, C, C++, C#, Objective C, Ruby, Lisp, Scheme, IA-32/IA-32e assembly, ARM, Power PC, MIPS, SPARC, Shell, SQL, HTML, CSS, XSLT, XML, Java, or EnScript).
  • Presented or been published at conferences or peer reviewed journal a plus.
More Openings
Salesforce Developer
Industrial Hygienist
LDAP Engineer
Mobile Technical Lead
Share This Job
Powered by