Incident Response Engineer

Cybereason • Remote

Company

Cybereason

Location

Remote

Type

Full Time

Job Description

At Cybereason, we empower organizations around the world to take an entirely new approach to cybersecurity. Regardless of your role here, you will play an integral part in helping to empower our customers to reverse the attackers’ advantage and end attacks from endpoint to everywhere. Our deep understanding and embodiment of our Core Values unites us as an organization and empowers us to put our best foot forward. Each day we strive to win as one, be daring, evolve, and never, ever, give up as we work on our shared mission. 

Throughout our global organization, whether working from remote, hybrid or in an office, we foster a culture that embraces all people, empowering each of us to be us (#UbU). 

If you’re looking to join an organization deeply rooted in their values that empowers their employees to do their best work, whatever that work might be, come join (us)!

Incident Response Engineer

The Cybereason Incident Response Team is hiring talented and motivated engineers and innovators eager to participate in the development of our advanced suite of high-end response tools and services. Focusing on building and supporting the innovative and industry-leading capabilities being actively deployed and explored by the Cybereason Nocturnus IR team, this is a role for those who are passionate about pushing the industry forward and raising the bar for Incident Response.

The Cybereason Nocturnus IR team technical and operations stack embodies the principles of SecDevOps and rapid development, building firmly from practitioner-led experience of overcoming real-world challenges facing Incident Responders. This role requires experience of both IR investigations/digital forensics, and DevOps implementation and process development.

What you will do:

  • Expand and optimize  the service-oriented architecture of the Cybereason IR platform to deliver highly robust, scalable, and repeatable analysis techniques to front-line incident responders for a variety of workflows and engagement types
  • Innovate new capabilities and technology integrations such as bleeding-edge data science and threat intelligence approaches using the Cybereason graph.
  • Conduct research into forensic artifacts, behavioural analysis and threat hunting techniques and implement them in the Cybereason IR investigations platform
  • Support and maintain the DevOps backbone of infrastructure and development platforms that underpin the delivery and technical operations processes in Nocturnus IR.

Requirements:

  • Bachelor's degree in a technical field, or equivalent practical experience
  • Minimum 8 years of Incident Response or comparable industry experience (threat hunting, threat detection and response, malware analysis, etc)
  • Knowledge and experience of:
  • at least one scripting or development language (ideally Python and Golang)
  • Cloud-native CI/CD platforms (such as Google Kubernetes Engine, Amazon EKS, or Oracle OKE)
  • Remote Incident Response and forensic toolkits, such as GRR, Osquery, and Velociraptor
  • Forensic Investigations of at least one major OS family (Windows, Mac OS, *nix)

...and at least two of the following:


  • Digital forensics (disk and memory collection & analysis)
  • Network Security Monitoring (NSM), network traffic analysis, and log analysis
  • Static and dynamic malware analysis
  • Threat Hunting with EDR
  • Data Science with Jupyter, Pandas, etc
  • Threat Intelligence and adversary tracking

Additional Qualifications:

  • Ability to document and explain technical details in a concise, understandable manner
  • Ability to manage and balance own time among multiple tasks

Cybereason is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

For California Residents: Please View our CCPA Compliance Notice: 

CCPA Compliance Notice


#LI-DNI

More About Cybereason:


Our culture and how we operate reflects in our shared values. Our #Defenders are individuals with diverse skill sets and backgrounds who are driven to innovate and scale with our growing organization. We are a team that strives to learn from each other, solve challenging problems, and work collaboratively toward our goal of reversing the adversary advantage.

Core Values:

  • Win As One: The power of an individual is less than the power of a team.
  • Ever Evolving: Change keeps us at the forefront, so we encourage it.
  • Daring: To achieve the impossible, we must dare to be different.
  • Obsessed with Customers: We believe gaining our customers’ trust is the most important part of what we do.
  • Never Give Up: We are tenacious and resilient, and we never stop.
  • UbU: We believe people can only unlock their full potential when they work somewhere that accepts who they are.

If these values resonate with you and our vision excites you, join us today and help us end cyber attacks from the endpoint to everywhere! #Defenders

Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At Cybereason we are dedicated to building a diverse, inclusive, and authentic workplace (#uBu), so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

Apply Now

Date Posted

01/13/2023

Views

30

Back to Job Listings ❤️Add To Job List Company Info View Company Reviews
Positive
Subjectivity Score: 0.8

Similar Jobs

Linux Support Engineer - Voltage Park

Views in the last 30 days - 0

Voltage Park is seeking a Linux Support Engineer for a fulltime remote position The ideal candidate will have command line level Linux sys administrat...

View Details

Technical Architect - CDW

Views in the last 30 days - 0

CDW offers a rewarding career opportunity for a Technical Architect with expertise in ServiceNow The role involves delighting customers by collaborati...

View Details

Federal Security Solutions Engineer - Rapid7

Views in the last 30 days - 0

Rapid7 is seeking a Federal Solutions Engineer with 5 years of experience in cybersecurity solutions engineering or technical sales focusing on federa...

View Details

Lead Business Analyst (Insurance) - Agero

Views in the last 30 days - 0

Agero a leading B2B whitelabel provider of digital driver assistance services is revolutionizing the vehicle ownership experience through datadriven t...

View Details

Lead Business Analyst (Automotive) - Agero

Views in the last 30 days - 0

Agero a leading B2B whitelabel provider of digital driver assistance services is revolutionizing the vehicle ownership experience through datadriven t...

View Details

Sales Engineer - Dandy

Views in the last 30 days - 0

Dandy a venturebacked company is revolutionizing the 200B dental industry with advanced technology They are looking for a Sales Engineer with 5 years ...

View Details