Cyber Analyst, Digital Forensics Incident Responder

Summary

Join At-Bay's Security team, a fast-growing InsurSec company, and contribute to innovative products protecting small businesses from digital risks. As a Cybersecurity Analyst focused on Digital Forensics and Incident Response (DFIR), you will deliver incident investigation and response services to At-Bay's insureds. This role involves analyzing digital evidence, developing incident timelines, identifying root causes, and participating in threat actor negotiations and incident recovery. You will also create incident reports and recommendations for risk mitigation, and deliver incident response training. At-Bay offers a competitive salary range of $80,000-$130,000 per year and a nationwide work location.

Requirements

• Possess previous digital forensics and incident response experience
• Have strong oral and written communication skills
• Have previous hands-on experience performing digital forensics and incident response
• Hold a Bachelor’s degree or equivalent
• Have a minimum of 2 years of experience in cybersecurity operations, incident response, incident recovery, or another security discipline
• Be willing to travel as needed to perform job functions

Responsibilities

• Deliver incident investigation and response services to At-Bay insureds
• Perform forensically sound collection, transmission, and storage of digital evidence
• Analyze digital evidence to identify indicators of compromise and adversary activity
• Develop incident timelines and theories of compromise
• Identify incident root causes
• Participate in threat actor negotiations as necessary (e.g., ransom negotiations, etc.)
• Participate in incident recovery (e.g., restoration of data from backups, reimaging workstations and servers, rebuilding network infrastructure, etc.) activities as necessary
• Develop and deliver incident reports to document key incident details for engagement stakeholders including executive leaders for insureds, breach coach attorneys, and At-Bay claims management staff as necessary
• Develop and deliver recommendations to mitigate the risk of future incidents for impacted insureds
• Develop and deliver incident response training and simulations for targeted insureds

Preferred Qualifications

• Have significant undergraduate or graduate coursework in computer science, computer engineering, information systems, or cybersecurity
• Have a previous background in law enforcement or government/military with experience leading complex technical investigations
• Possess knowledge of cloud environments, including knowledge of cloud security products and services offered by major cloud service providers (e.g., AWS, Azure, Google)
• Have experience in a top-10 cyber consulting firm or leading DFIR provider
• Hold one or more industry cybersecurity certifications (e.g., GCIH, Security+, CISSP, etc.)

Benefits

• Estimated base pay range of $80,000-$130,000 per year
• Nationwide work location (USA)