Incident Response Consultant II

  • Full-time
  • Travel Required: 60 - 69%

Company Description

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry.

In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.

Job Description

Optiv is seeking a consultant to work on Incident Response consulting projects. We are looking for an innovative and motivated consultant who can help customers investigate incidents within their environment and adapt to digital disruptions in their business. 

As an incident response specialist, you will lead the response and investigation of incidents within our clients’ environments.

You will actively contribute to improving operational efficiency on projects and internal initiatives. In line with our commitment to quality, you will consistently drive projects to completion and confirm that work is of high quality. When working on engagements, you will report to higher levels of management, who will expect you to anticipate and identify risks, and raise any issues with them as appropriate.

In line with Optiv’s commitment to quality, you will confirm that work is of the highest quality as per Optiv’s quality standards, by reviewing the work provided by other members.

Essential Functions of the Job:

-Advanced capability ranking for delivery of one or more solutions

-Able to solo deliver on simple (single solution) projects or discrete portions of complex projects

-Active listener and knows which points are resonating and which are being perceived negatively.

-Effectively plays their role and not others (i.e., sales) during meetings.

-Demonstrates leadership and self-management skills with no direct reports.

-Effective team communicator.

-Effective at adapting methodologies to project needs.

-Detailed awareness of the security/technology space for digital forensics, threat hunting and incident response, including:

o    Live incident response, systems triage, containment, and remediation

o    Assessing compromises

o    Digital forensics

o    Forensic log review from varying security technologies

o    Mobile phone forensics

o    Malware analysis

o    Network traffic analysis

-Acts as contributor in Optiv communities for solutions of focus

Qualifications

-Bachelor's degree and approximately 3-5 years of related work experience.

-Minimum three (3) years of experience performing in incident response roles that include containment and isolation, forensics, root cause analysis, and remediation.

-Highly desired certifications include: GIAC Certified Forensics Examiner (GCFE), EnCase Certified Examiner (EnCE) Certification, Certified Computer Examiner (CCE), and Certified Computer Forensics Examiner (CCFE).

-Perform authoritatively in the role as an incident management subject matter expert and lead customer personnel in responding to incidents.

-Demonstrate the ability to invent and successfully utilize new investigative workflows to counter new and unknown threats.

-Understanding of threat vectors and related artifacts subsequently left behind and methods of retrieving and interpreting them.

-Understanding of networking (TCP/IP, OSI model), operating system fundamentals (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS, etc.) and application programming/scripting languages (C, Java, Perl, Shell).

-Understanding of regulatory requirements and compliance issues affecting clients related to privacy and data protection, such as PCI DSS, GLBA, Basel II, EU Data Protection Directive, International Cross Border, and U.S. State Data Privacy Laws.

-Working knowledge of operating systems, virtual machine environments, mainframe security packages, and relational database management systems.

-Basic use of supporting commercial and open source security tools.

-Willingness to travel to meet client needs; travel is estimated at 60-80%.

-Valid driver's license in the US and a valid passport required

-The successful candidate must hold or be willing to pursue related professional certifications such as the CISSP, CISM, and/or CISA.

-Strong written and presentational skills; ability to clearly communicate complex messages to a variety of audiences

-Possess high standard of integrity and confidentiality

-Work with minimal supervisory oversight; able to independently work in a remote capacity.

-Act as an investigative architect and provide internal or external teams with documentation and methodology sufficient to conduct an investigation to successful completion.

-Remain current on information security, emerging threat trends and tools including methodologies to combat the same.

-Ability to respond onsite in a 24/7/365 environment; must be willing to work evening, overnight, weekend, and holiday hours, as needed.

-Travel as needed to customer locations to perform reactive including frequent travel with little to no advance notice. International travel may be required.

-Adhere to policies, procedures, and security practices.

-Resolve problems independently and understand escalation procedures; coordinate escalations and collaborate with client technology teams to ensure timely resolution of issues

Additional Information

All your information will be kept confidential according to EEO guidelines.
