Post a job

DFIR Engagement Manager

At-Bay logo

Location
United States
Base Salary
150k-180k USD
At-Bay

Job Description

Why you should join our At-Bay Security team:

At-Bay is a fast-growth InsurSec company (Insurance x Cybersecurity) on a mission to bring innovative products to the market that help protect small businesses from digital risks. As an InsurSec provider, we uniquely combine insurance with mission-critical security technologies, threat intelligence, and human expertise, to bridge the critical security capability gap that exists among SMBs in the community. We believe InsurSec is an $80B market opportunity and we are excited to expand our DFIR team in order to help expand our reach and influence in the business and security community, of which we serve 35,000 customers.

With At-Bay, our customers experience 5X fewer ransomware attacks. This is just the tip of the iceberg! Click here to learn more about what we're building.

Core Responsibilities:

  • Engage on behalf of At-bay Security in incident response tasks, interacting with various legal counsel, client executives, and technical teams.
  • Utilize standard tools and methodologies to collect forensic artifacts and images from affected systems.
  • Perform Windows/Unix/Linux forensics and triage, and network forensics to assess compromise and investigations.
  • Apply mitigation strategies and concepts to remediate identified threats.
  • Analyze triage collections/artifacts for indicators of compromise (IoCs) and potentially malicious activity.
  • Review logs from host systems and appliances to identify suspicious activities.
  • Collect forensic disk and memory images from physical and virtual endpoints and servers.
  • Perform forensic analysis of physical systems, virtual machines, and network data.
  • Understanding of an incident lifecycle and cyber-kill-chain.
  • Familiarity with exfiltration techniques used by threat actors.
  • Maintain current knowledge on emerging threats and vulnerabilities.
  • Analyze files for IOCs using various techniques.
  • Conduct limited threat research based on IOCs collected during investigations.
  • Understand obfuscation techniques used to conceal malicious commands and traffic, and lateral movement strategies employed by threat actors.
  • Collaborate and share information within and across teams and communicate effectively with client managers and executives.
  • Write detailed reports and summarize findings clearly and concisely.

Technical Requirements:

  • 3+ years of experience in digital forensics, incident response, or a similar role.
  • 1+ years of experience managing highly skilled DFIR teams members.
  • Strong knowledge of Windows and Unix/Linux operating systems.
  • Expertise in threat hunting, network forensics, and EDR / EPP technologies.
  • Skilled in forensic acquisition and analysis of physical and virtual systems.
  • Advanced understanding of networking, routing, and firewall operations.
  • Understanding of business email compromise (BEC) cases and investigation techniques.
  • Industry certifications such as MCFE, ENCE, ACE, GCFA, GCIH, GNFA, GCFE or similar are a plus.

Business Responsibilities:

  • Maintain current knowledge of information security, incident response techniques, emerging threats, and tools.
  • Manage a team of highly skilled DFIR analyst.
  • Exhibit strong customer service and consulting skills.
  • Adhere to client and internal policies, procedures, and security practices.
  • Remain calm, composed, and articulate in tough customer situations.
  • Exhibit excellent relationship management and communication skills.

Work location:

  • USA, nationwide

Our estimated base pay range for this role is $150,000-$180,000 per year. Base salary is determined by a variety of factors including but not limited to market data, location, internal equitability, domain knowledge, experiences and skills. In general, if the position sparks your interest we encourage you to apply - our team prioritizes talent.

Advice from our career coach

I have extensive experience in various industries and can provide valuable insights on how to stand out as an applicant for the Digital Forensics and Incident Response (DFIR) role at At-Bay Security. To be a successful candidate, it is crucial to:

  • Demonstrate a strong background in digital forensics and incident response with at least 3+ years of experience in a similar role.
  • Showcase experience in managing highly skilled DFIR team members for at least 1 year.
  • Possess advanced knowledge of Windows and Unix/Linux operating systems, as well as expertise in threat hunting, network forensics, and EDR/EPP technologies.
  • Highlight strong skills in forensic acquisition and analysis of physical and virtual systems.
  • Obtain industry certifications such as MCFE, ENCE, ACE, GCFA, GCIH, GNFA, GCFE, or similar to stand out among other candidates.
  • Emphasize your understanding of business email compromise (BEC) cases and investigation techniques.
  • Showcase excellent communication skills and the ability to effectively collaborate and share information within teams.

Apply for this job

Expired?

Please let At-Bay know you found this job with RemoteJobs.org. This helps us grow!

About the job

Sep 12, 2024

Full-time

150k-180k USD

  1. US United States
RemoteJobs.org mascot