Cybersecurity Incident Response Analyst - REMOTE

Binary Defense (BD) is seeking a talented Cybersecurity Incident Response Analyst. 

• You will be a hybrid analyst supporting Incident Response (IR) and Analysis on Demand (AOD) cases. Driving all client meetings to discuss scope and incident updates, creating technical reports, and leading the investigation. 
• You will conduct incident triage/verification, incident scoping and hunting through network, containment and remediation recommendations to customer, identify and analysis malicious artifacts, and perform intelligence correlation.
• You will serve as the primary responder and point of contact in the response effort, forensic investigation, analysis and resolution of security incidents. 
• Serves as a subject matter expert for other consultants/teams and regularly collaborates and contributes to increasing the knowledge level of the group. This role interacts with all levels of the organization and is viewed as a subject matter expert on all incident response activities.
• Incident Responders have strong technical skills and work directly with clients to perform investigations, forensically analyze systems of all kinds, and pick apart malware to figure out how to detect, contain, and remediate compromised organizations. 
• You will understand existing and emerging threat actors, and identify rapidly changing tools, tactics, and procedures of attackers. You will understand evolving attacker behavior and motivations, participate and manage large client-facing projects, and train and mentor other IR members. 
• MUST be familiar with Incident Response best practices and procedures. 
• MUST have Windows Incident Response and computer forensics experience. 
• MUST be familiar with network analysis, memory analysis, and digital forensics. 
• MUST possess excellent verbal and written communication skills, including active listening skills and competence in presenting findings and recommendations to management. 

Responsibilities

• Communicate and collaborate with internal and customer teams to investigate and contain incidents for all escalated security events and investigations.
• Perform technical cyber security investigations on security incidents, root cause analysis, recommend and mitigate the effects caused by an incident.
• Work through client-facing incident response engagements, examine cloud, endpoint, and network based sources of evidence.
• Schedule and lead video calls for collaboration and discussions with clients.
• Recognize Tools, Tactics, and Procedures (TTPs) and Indicators of Compromise (IOC) that can be applied to current and future investigations.
• Build scripts, tools, or methodologies to enhance Binary Defense’s incident investigation processes.
• Assist in creating and revising all standard operating procedures, policies, processes, playbooks, technical reports.
• Develop and present comprehensive and accurate reports, trainings, and presentations for both technical and executive audiences.
• Maintains knowledge and skill set by attending educational workshops or conferences, reviewing publications, writing blog posts, and potentially speaking at conferences or other events. 
• Stays up to date on the latest threats, counter measures, and regulations that may affect Binary Defense. 
• Ability to write technical documents.
• Ability to work in a fast-paced and collaborative environment. 
• Ability to work remotely, with or without others, receive direction, and be a self-starter that takes initiative. 

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, a related field, or equivalent practical experience.
• Certified in one or more of the following:  GCIH, GCFE, GCFA, GREM, GNFA
• 5+ of experience with investigations in network forensics, host forensics, memory forensics, reverse malware engineering, threat intelligence, and enterprise security architecture. Platforms should be Windows, MacOS, or Linux.
• 2+ years of experience leading incident response investigations, analysis, containment, and remediation actions.
• 1+ years of leadership experience within a SOC or leading IR teams 
• SME in multiple cyber security technologies, including firewalls, IDS/IPS, network access control, email and web security, digital forensics, endpoint detection and response, vulnerability scanning and analysis, SIEM, and SOAR technologies.
• Strong experience using SIFT workstation and other digital forensics tools.
• Demonstrated knowledge and experience with Lockheed Martin’s Cyber Kill Chain and the MITRE ATT&CK Framework
• Ability to communicate investigative findings and strategies to technical staff, executive leadership, internal and external clients, and legal counsel.
• Effective time management skills to balance time among multiple tasks and mentor junior staff as needed.
• Strong analytical and problem-solving skills.
• Willingness to learn and continually improve skills to ensure, not only continued success of the business and its objectives, but continued success of its customers, as well.
• Must be a US Citizen and reside in the continental US.

Other Knowledge, Skills and Abilities

• Master’s degree in Cybersecurity, Computer Science, Information Systems, a related field, or equivalent practical experience.
• Python, PowerShell, bash and other scripting languages is preferred.
• 5+ years experience working within a security operations center
• Ability to lead clients in strategic conversations with strong executive presense.
• Experience in Cloud incident response 
• Experience working within 1 or more SOAR platforms preferred.

About Binary Defense

Binary Defense is a trusted leader in security operations, supporting companies of all sizes to proactively monitor, detect and respond to cyberattacks. The company offers a personalized Open XDR approach to Managed Detection and Response, advanced Threat Hunting, Digital Risk Protection, Phishing Response, and Incident Response services, helping customers mature their security program efficiently and effectively based on their unique risks and business needs.

With a world-class 24/7 SOC, deep domain expertise in cyber, and sophisticated technology, hundreds of companies across every industry have entrusted Binary Defense to protect their business. Binary Defense gives companies actionable insights within minutes not hours, the confidence in their program to be resilient to ever-changing threats, and the time back that matters most to their business.

Binary Defense is also the Trusted Cybersecurity Partner of the Cleveland Browns and partners with PGA TOUR players. For more information, visit our website, check out our blog, or follow us on LinkedIn.

Binary Defense offers competitive medical, dental and vision coverage for employees and dependents, a 401k match which vests every payroll, a flexible and remote friendly work environment, as well as training opportunities to expand your skill set (to name a few!). If you’re interested in joining a growing team with great perks, we encourage you to apply!