Incident Response Resident - Dell SecureWorks

Incident Response Resident Consultant
Security & Risk Consulting (SRC) Group
Dell SecureWorks is a market leader in information security services with more than 3,600 customers worldwide spanning North America, Latin America, Europe, the Middle East and the Pacific Rim. Organizations of all sizes, across all industries, rely on Dell SecureWorks to protect their assets, improve compliance and reduce costs. The combination of strong customer service, award-winning security technology and experienced security professionals makes Dell SecureWorks the premier provider of information security services for any organization. Positioned as a leader of the MSSP industry by several global industry analyst firms, Dell SecureWorks also has received SC Magazine's "Best Managed Security Service" award and Frost & Sullivan's North America Security Incident Mitigation and Response Customer Value Leadership Award, among others.
The position will be on-site at the client's Dearborn, Michigan location. This person will be the senior team member on the client's incident response team augmenting the customer's SOC and CIRT capabilities. They will perform incident response processes and train other team members on forensics capabilities.
Role & Responsibilities
Responsibilities for the Residents include but are not limited to:
Follow Company policy and procedures on the use of forensic tools and capabilities, logging activities as required
Act as a Subject Matter Expert (SME) for incident response and forensics
Manage and perform incident response activities
Support ongoing internal investigations and hand over legal cases to eDiscovery team
Perform storage forensics (for example, hard drives, phones, USB storage)
Utilize Company-owned forensic tools (Encase, FTK, Helix, Wireshark, etc.) in the course of investigations
Perform network storage forensics (for example, capturing network traffic for analysis)
Perform file-system analysis and file carving (for example, to extract email, documents, and other trace evidence)
Identify, collect, preserve and analyze electronic information, relevant to a case, incident or event of interest
Establish timelines and patterns of activity of individuals and electronic devices and software
Follow forensically sound practices, including preserving chain of custody
Consult with client Legal team on privacy, policy and compliance concerns
Develop remediation plan of actions as a result of investigative discovery within Company business and IT infrastructure
Adequately communicate with all key stakeholders to ensure both confidentiality of information and expedient evidence collection
Collaboration with technical teams for issue resolution and mitigation.
Documentation of actions taken for audit, regulatory and legal purposes within approved event tracking system.
Ability to deliver technical training in areas such as incident handling, event analysis and correlation, threat management, etc.
Coordinate with Infrastructure Support team to maintain/troubleshoot defense perimeter and monitoring integrity.
Communicate and escalate issues and incidents as required by process or management.
Perform other essential duties and lead other projects as assigned or requested.
Additional responsibilities will include performing documentation review and improvement, attending meetings as needed, and serving as front-line response for troubleshooting low-level engineering issues as needed.
Resident's Knowledge, Skills, & Abilities
Five to seven plus (5+) years of Information Technology experience with network security technologies.
Subject matter expert (SME) in one or multiple areas such as Incident Response, FTK, Encase, Windows, Unix, Midrange, Mainframe, Firewalls, Intrusion Detection, Threat Detection Analysis, or Information Risk Management
Understanding of source code, hex, binary, regular expression, etc.
Experience with endpoint monitoring solutions such as Carbon Black or Mandiant MIR
Experience with forensics technologies and applying them in a creative and effective manner
Resident may have industry certification from vendors including: ISC2, GIAC, EC-Council, Cisco, Juniper, (SIEM), CompTIA, ITIL, Unix, Microsoft, Oracle, etc.
Sound understanding of TCP/IP and networking concepts.
Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management.
Experience with reviewing system language log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs).
Strong deductive reasoning, critical thinking, problem solving, and prioritization skills.
Experience assisting the development and maintenance of tools, procedures, and documentation.
Customer service including the resolution of escalations, incident handling, and response.
Experience in a fast paced, high stress, support environment, able to work with a sense of urgency and pay attention to detail
Ability to follow detailed process and procedure documentation.
Demonstrated ability to be reliable and flexible.
Experience with QRadar a plus
Excellent written and verbal communication and organizational skills
Outstanding work ethic
Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources
Able to train other team members and bring new knowledge to the team
Company Description
With more than 100,000 team members globally, we promote an environment that is rooted in the entrepreneurial spirit in which the company was founded. Dell's team members are committed to serving our communities, regularly volunteering for over 1,500 non-profit organizations. The company has also received many accolades from employer of choice to energy conservation. Our team members follow an open approach to technology innovation and believe that technology is essential for human success.
Why work with us?
Life at Dell means collaborating with dedicated professionals with a passion for technology. When we see something that could be improved, we get to work inventing the solution. Our people demonstrate our winning culture through positive and meaningful relationships. We invest in our people and offer a series of programs that enables them to pursue a career that fulfills their potential. Our team members' health and wellness is our priority as well as rewarding them for their hard work.
To learn more about our commitment to Diversity & Inclusion, visit: Equal Employment Opportunity Policy Statement
Job: Services IT - Security Systems
Primary Location: North America-US-MI-Dearborn
Shift: Day Job
Job Level: Individual Contributor
Req ID: 14000P5S
