Incident Response Specialist
Cyber Security Cyber Risk Posted: 24-Mar-2023
Alexandria, Virginia, United States
Arlington, Virginia, United States
McLean, Virginia, United States
Richmond, Virginia, United States
Rosslyn, Virginia, United States
Washington DC, Virginia, United States
Work you'll do
- Assists in preparation of internal and external communication
- Maintains chain of custody of incident evidence
- Provides physical security of collected data and devices
- Provides recommendations to resolve incident and/or reduce impact of incident, to bypass and/or prevent future similar incidents
- Provides technical services needed for cyber incident response investigations, including containment, eradication and remediation activities
- Assists in assessing scope of incident damage
- Assists in determination of incident severity
- Responsible for maintaining documentation throughout a cyber incident
- Assists in the drafting of post-incident reports to senior leadership to convey impact, origin, root cause, and remediation
- Performs digital forensic services including, but not limited to, collection, documentation, preservation and analysis of incident evidence
- Maintains rotating on-call availability for 24x7x365 coverage
- Establishes and maintains strong working relationships with all teams required to support incident response, including other enabling areas and member firms
The team
Qualifications
- Minimum 5 years of experience in a technology-related field and 2 years of managerial experience
- Bachelor’s degree in a technology-related field, or equivalent education-related experience
- Proficiency in cyber incident response investigations including containment, eradication and remediation activities
- Experience in assessing scope of the incident damage, determination of incident severity and maintaining documentation throughout a cyber incident
- Detailed knowledge of incident response services including, but not limited to, collection, documentation, preservation, and analysis of incident evidence
- Maintain on-call availability for 24x7x365 coverage
- Ability to maintain strong working relationships with all teams required to support incident response, including other enabling areas and member firms
- Experience with drafting of post-incident reports to senior leadership to convey impact, origin, root cause, and remediation
- Prior experience coordinating shift hand-offs between different team members and/or locations
- Up to 15% travel possible
- Professional security management certification preferred, such as GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), AWS, Azure, Cisco Certified Security Professional (CCSP) or other similar credentials