DFIR Engagement Manager

Summary

Join At-Bay's Security team, a fast-growing InsurSec company, and contribute to innovative products protecting small businesses from digital risks. As an InsurSec provider, we uniquely combine insurance with security technologies and expertise. We're expanding our DFIR team to increase our reach and impact, serving 35,000 customers. Our customers experience 5X fewer ransomware attacks with At-Bay. This role involves incident response, forensic analysis, threat hunting, and team management. The ideal candidate possesses extensive digital forensics experience and strong leadership skills. We offer a competitive salary and a dynamic work environment.

Requirements

• 3+ years of experience in digital forensics, incident response, or a similar role
• 1+ years of experience managing highly skilled DFIR teams members
• Strong knowledge of Windows and Unix/Linux operating systems
• Expertise in threat hunting, network forensics, and EDR / EPP technologies
• Skilled in forensic acquisition and analysis of physical and virtual systems
• Advanced understanding of networking, routing, and firewall operations
• Understanding of business email compromise (BEC) cases and investigation techniques

Responsibilities

• Engage on behalf of At-bay Security in incident response tasks, interacting with various legal counsel, client executives, and technical teams
• Utilize standard tools and methodologies to collect forensic artifacts and images from affected systems
• Perform Windows/Unix/Linux forensics and triage, and network forensics to assess compromise and investigations
• Apply mitigation strategies and concepts to remediate identified threats
• Analyze triage collections/artifacts for indicators of compromise (IoCs) and potentially malicious activity
• Review logs from host systems and appliances to identify suspicious activities
• Collect forensic disk and memory images from physical and virtual endpoints and servers
• Perform forensic analysis of physical systems, virtual machines, and network data
• Understanding of an incident lifecycle and cyber-kill-chain
• Familiarity with exfiltration techniques used by threat actors
• Maintain current knowledge on emerging threats and vulnerabilities
• Analyze files for IOCs using various techniques
• Conduct limited threat research based on IOCs collected during investigations
• Understand obfuscation techniques used to conceal malicious commands and traffic, and lateral movement strategies employed by threat actors
• Collaborate and share information within and across teams and communicate effectively with client managers and executives
• Write detailed reports and summarize findings clearly and concisely
• Maintain current knowledge of information security, incident response techniques, emerging threats, and tools
• Manage a team of highly skilled DFIR analyst
• Exhibit strong customer service and consulting skills
• Adhere to client and internal policies, procedures, and security practices
• Remain calm, composed, and articulate in tough customer situations
• Exhibit excellent relationship management and communication skills

Preferred Qualifications

Industry certifications such as MCFE, ENCE, ACE, GCFA, GCIH, GNFA, GCFE or similar are a plus

Benefits

• Our estimated base pay range for this role is $150,000-$180,000 per year
• Work location: USA, nationwide