Senior Manager, Cloudforce One Incident Response

closed
Cloudflare

💵 $225k-$270k
📍Remote - Worldwide

Summary

Join Cloudflare's Cloudforce One team as a Senior Manager of Incident Response and play a pivotal role in building a proactive, threat intelligence-driven approach to cybersecurity. You will be responsible for responding to customer security incidents in on-premises and cloud environments, detecting and disrupting cyber threats, and engaging with customers at all levels. This role requires a deep understanding of forensic analysis, malware analysis, and incident remediation. You will lead a team, contribute to team processes, and potentially work with codebases. The ideal candidate will have extensive experience in cybersecurity, incident response, and team leadership, along with strong communication skills. Cloudflare offers a competitive salary, equity, and a comprehensive benefits package.

Requirements

  • 15+ years of previous experience in cybersecurity
  • 5+ years in Incident Response
  • 2+ years of customer-facing startup Incident Response experience
  • Extensive experience with hands-on forensic analysis in a Windows, Mac, and Linux environment
  • At least triage-level malware analysis experience, covering static and dynamic analysis of common file formats on Windows, macOS, or UNIX-based platforms
  • Excellent verbal and written communication skills
  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience

Responsibilities

  • Respond to customer security incidents in both on-premises and cloud environments
  • Detect and disrupt cyber threat activity across the customer's environment and various cloud platforms
  • Engage with customers at all levels, including Executive, VP, Director, and Managerial levels
  • Serve an integral role in the discovery and analysis of cyber threat intrusions, working alongside forensic analysts, threat researchers, detection engineers, and malware analysts to detect and mitigate tracked threats
  • Identify Tactics, Techniques, and Procedures (TTPs) of ongoing and ever-evolving cyber attacks to protect your customer and the greater Cloudflare global customer base
  • Contribute to and deploy team processes
  • Potentially contribute to and deploy codebases to coalesce traits of an attack
  • Write incident response reports
  • Write code in Python or Golang
  • Interact with APIs

Preferred Qualifications

  • Ability to travel up to 20% of the time
  • Team leadership experience in a matrixed consulting environment
  • Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists
  • Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise
  • Network Forensic Analysis: strong knowledge of network protocols, network analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs
  • Reverse Engineering: ability to understand the capabilities of static and dynamic malware analysis
  • Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations
  • Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations
  • Cloud Incident Response: knowledge in any of the following areas: AWS, Azure, GCP incident response methodologies
  • Communications: strong ability to communicate executive and/or detailed level findings to clients; ability to effectively communicate tasks, guidance, and methodology with internal teams
  • Strong written and verbal communication skills, with the ability to establish and maintain strong working relationships with business groups
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
  • Familiarity with various cloud environments (AWS, Azure, O365, Google, Cloudflare)
  • Understanding of MITRE ATT&CK and NIST Cyber Security Frameworks standards and requirements
  • In-depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems
  • Prior Government experience in Computer Network Operations
  • Proficient in Python or Golang, capable of writing modular code that can be installed on a remote system
  • Proficient with Yara and writing rules to detect similar malware samples
  • Understanding of source code, hex, binary, regular expression, data correlation, and analysis such as network flow and system logs
  • Practical malware analysis experience with static, dynamic, and automated malware analysis techniques
  • Possess mid-level experience as a Malware Analyst able to reverse engineer various file formats and analyze complex malware samples
  • Reverse engineering experience with APT malware with an understanding of common infection vectors
  • Knowledge of current malware techniques used to evade detection and obstruct analysis
  • Experience writing malware reports on unique and interesting aspects of malware
  • Experience with malware attribution
  • Experience with tracking and identifying threats through Indicator of Compromise (IOC) pivoting and infrastructure enumeration
  • Familiarity with bash command line executables to conduct static analysis and investigate IOCs

Benefits

  • Medical/Rx Insurance
  • Dental Insurance
  • Vision Insurance
  • Health Savings Accounts
  • Commuter Spending Accounts
  • Fertility & Family Forming Benefits
  • On-demand mental health support and Employee Assistance Program
  • Global Travel Medical Insurance
  • Short and Long Term Disability Insurance
  • Life & Accident Insurance
  • 401(k) Retirement Savings Plan
  • Employee Stock Participation Plan
  • Flexible paid time off covering vacation and sick leave
  • Leave programs, including parental, pregnancy health, medical, and bereavement leave
  • Equity
  • Compensation may be adjusted depending on work location and level. For Colorado, Illinois, Maryland and Minnesota based hires: Estimated annual salary of $225,000 - $250,000. For New York City, Washington, Washington D.C. and California (excluding Bay Area) based hires: Estimated annual salary of $239,000 - $260,000. For Bay Area based hires: Estimated annual salary of $252,000 - $270,000
This job is filled or no longer available