Sr Digital Forensics and Incident Response (DFIR) Analyst

Remote Full-time
Our client is seeking a Sr Digital Forensics and Incident Response (DFIR) Analyst to support Corporate Cybersecurity Operations. The person hired into this position will be assigned to our client’s Cybersecurity Operations Center (CSOC). The job duties include leadership, technical mentoring, and performing cyber data analytics at scale. The Senior Incident Response Analyst will guide employment of detection rules (SIEM, EDR, YARA, etc.), hunt for advanced attackers, and review the technical work of junior and mid-level team members. Ideal candidates will be deadline oriented, comfortable making decisions, and able to consistently produce high quality work. The Sr DFIR Analyst will work closely with the CSOC Manager as required to produce detailed analysis of security events, support business units, and maintain a spirit of collaboration with IT Team Leaders.

Responsibilities:

- Protect the organization’s IT assets as a member of the Cybersecurity Operations Center (CSOC)
- Implement DFIR strategies to identify risks and reduce gaps in network and host security controls
- Collaborate with IT Ops and end users to proactively thwart intrusions and support incident response
- Prepare CSOC reports that document security incidents from discovery to remediation
- Support vulnerability and cyber risk management functions by continually monitoring threats and exposures
- Test and evaluate technology solutions in preparation for small and large-scale deployments
- Periodic on-call responsibilities

Qualifications:

- Bachelor’s Degree in Cybersecurity-related field or equivalent CSOC work experience
- Minimum 6 years’ experience with Splunk Enterprise Security to include leading optimization projects focused on data management, enhanced monitoring, and automation. Splunk Certified Power User or other advanced Splunk Certification is a plus.
- Minimum 6 years’ DFIR experience using Endpoint Detection and Response (EDR) technology
- Minimum 6 years’ experience performing forensic analysis on various types of evidence, such as disk, memory, network, and cloud artifacts
- Proficient with common scripting and programming languages
- Experience with DoD Risk Management Frameworks
- In-depth understanding of common security controls for Windows, Linux, and network equipment
- Strong attention to detail, time management skills, and professional demeanor
- US Citizenship