Foundstone Threat Researcher
Location:
Posted:
August 06, 2016
Reference:
807032
About this position...

We are currently seeking to add more experts to the Incident Response team, and would like to talk to you if you have demonstrable experience in disk and memory forensics, malware analysis, incident handling, SOC architecture, IR program development, and/or threat intelligence. We are looking for senior consultants with years of experience supporting Incident Response investigations, but will consider candidates with less experience if you are able to show an aptitude for, as well as, a deep understanding of Incident Response.

What you will do...

Conduct incident response investigations, to include host forensics, network forensics, malware analysis, and breach response.

Lead customers in the response of incidents, conducting large-scale investigations on their behalf in their environments.

Work with customer IT departments and 3rd parties to design and implement remediation and recovery plans.

Develop custom scripts and tools to solve specific problems related to our investigations.

Assist customers with IR program development, SOC design and creation, or assessment of network security posture.

Research new techniques and artifacts and present your findings in a comprehensive format to various audiences.

Ability to operate or perform with minimal supervision to deliver customer satisfaction
Qualifications:
Minimum Qualifications:

Looking for a minimum of 3-5 years of Cyber Security related technical industry experience.
Fluent English required (oral, written and reading)
15% Travel required.
Proficiency in Scripting of 1 or more of the following: Perl, Python, Powershell, VBScript, Bash

Additional Qualifications:

Extensive disk and memory analysis experience
Expert knowledge of Incident Handling procedures
Proficient understanding of malware and breach methodology
Proficient understanding of networking protocols and secure network design
Proficiency in working from a Linux/Mac Operating System to implement OpenSource alternatives for IR purposes

Preferred Qualifications:

Enterprise consulting experience
Extensive behavioral and static malware analysis experience
Extensive network log and packet capture analysis experience
Experience in a CSIRT
Background in cyber threat intelligence collection, analysis, and dissemination
Certifications from ISC2, GIAC, CompTIA, or EC-Council

A little about us:
Our vision is simple and direct. If it computes, it does it best with Intel. We embrace all aspects of computing.

Know someone who would be interested in this job? Share it with your network.