Incident Management (IR) Consultant

Full Time
Home, KS
Areas of Interest: Incident Response
Overview

 

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry.

In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.

Job Description
POSITION SUMMARY

The Incident Management (IR) Consultant is a member of the Enterprise Incident Management (EIM) team with the primary responsibility of responding to security events. The successful candidate must possess an extensive understanding of digital investigations and their underlying principles. Applicable fields of digital investigations include: incident response, computer forensics, network forensics, mobile forensics, e-discovery, malware analysis, memory analysis, and a strong understanding of information security principles. Each investigation requires the EIM consultant to be able to perform all phases of the investigation and remediation, providing security recommendations that will effectively mitigate vulnerabilities and prevent future attacks.

PRIMARY DUTIES AND RESPONSIBILITIES

Perform live incident management activities, spanning reactive and proactive engagements, to identify and remediate malicious applications and actions. These include, but are not limited to, the following activities:

Reactive:

  • Live incident response, systems triage, containment, and remediation
  • Assessing compromises
  • Digital forensics
  • Forensic log review from varying security technologies
  • Mobile phone forensics
  • Malware analysis
  • Network traffic analysis

Proactive:

  • Incident response risk assessments
  • Incident management program development
  • Incident management tabletop exercises

Additional Responsibilities:

  • Perform authoritatively in the role as an incident management subject matter expert and lead customer personnel in responding to incidents.
  • Work with minimal supervisory oversight; able to independently work in a remote capacity.
  • Act as an investigative architect and provide internal or external teams with documentation and methodology sufficient to conduct an investigation to successful completion.
  • Demonstrate the ability to invent and successfully utilize new investigative workflows to counter new and unknown threats.
  • Remain current on information security, emerging threat trends and tools including methodologies to combat the same.
  • Guide customers through investigations in compliance with regulatory requirements.
  • Travel as needed to customer locations to perform reactive and proactive engagements, including frequent travel with little to no advance notice. International travel may be required.
  • Adhere to policies, procedures, and security practices.
  • Resolve problems independently and understand escalation procedures; coordinate escalations and collaborate with client technology teams to ensure timely resolution of issues.
  • Take meticulous notes and demonstrate strong reporting capabilities and attention to detail.
  • Perform public speaking and eminence related activities.
  • Perform other related duties as assigned.

Basic Qualifications

  • Minimum two (2) years of experience performing in incident response roles that include containment and isolation, forensics, root cause analysis, and remediation.
  • Minimum two (2) years of experience in a consulting services role or a related information security position.
  • Ability to travel 50% of the time.

Preferred Qualifications

  • Highly desired certifications include: GIAC Certified Forensics Examiner (GCFE), EnCase Certified Examiner (EnCE) Certification, Certified Computer Examiner (CCE), and Certified Computer Forensics Examiner (CCFE).
  • Ability to combine multiple separate findings to identify complex attacks and incidents.
  • Basic use of supporting commercial and open source security tools.
  • Familiarity with different network architectures, network services, operating systems, network devices, development platforms and software suites.
  • Demonstrated ability to create comprehensive assessment reports.
  • Work collaboratively with customers and self-manage through difficult situations, with a focus on client satisfaction.
  • Ability to convey complex technical security concepts to technical and non-technical audiences, including executives.
  • Ability to work independently as well as in a team environment.
  • Ability to multitask, balancing multiple projects simultaneously.
  • Knowledge of programming and scripting for the development of security tools and systems automation.
  • Ability to respond onsite in a 24/7/365 environment; must be willing to work evening, overnight, weekend, and holiday hours, as needed.
  • Strong interest in technology and a desire to develop professionally in the network, security, and digital investigations fields.
  • EnCase, FTK and other experience with similar products.
  • Understanding of network analysis tools.
  • Understanding of threat vectors and related artifacts subsequently left behind and methods of retrieving and interpreting them.

Education and Experience

Bachelor’s Degree from a four-year college or university in Information Assurance, Computer Science, Management Information Systems or related area of study; or related experience and/or training; or equivalent combination of education and experience.
 

DISCLOSURE
Optiv is an Equal Opportunity Employer/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, gender, national origin, age, disability or veteran status.
 
ABOUT US
Created from the merger of Accuvant and FishNet Security, Optiv is the largest comprehensive pure-play cyber security solutions provider in North America. We help clients plan, build and run successful cyber security programs that achieve business objectives through our depth and breadth of cyber security offerings, extensive capabilities and proven expertise in cyber security strategy, managed security services, incident response, risk and compliance, security consulting, training and support, integration and architecture services, and security technology. A Blackstone (NYSE: BX) portfolio company, we have served more than 12,000 clients of various sizes

About Optiv
  • $2 billion in sales in 2015
  • More than 7,500 clients served in the past three years
  • Works with 69 percent of the Fortune 100 and 58 percent of the Fortune 1000
  • 1,700+ employees
  • More than 250 employees in Colorado (corporate headquarters in Denver, CO)
  • Nearly 400 employees in Kansas City
  • 300+ dedicated client managers (sales reps)
  • 1,200+ cyber security experts
  • 43 total offices, secure operating centers and training centers 
Benefits Highlights
  • Competitive and achievable bonus plan (for some roles)
  • Remote work possibilities and flexible schedules
  • Flexible, no time tracking vacation policy that lets you take the time you need, when you need it
  • 401k retirement savings match
  • Comprehensive medical, vision and dental coverage
 
Optiv is an Equal Opportunity Employer. We are committed to a work environment where everyone is treated with respect. It is our policy to recruit, employ, retain, promote, terminate and otherwise treat any and all employees and job applicants on the basis of merit, qualifications and competence. We will provide equal employment opportunities without regard to race, color, age, sex, religion, national origin, disability, military or veteran status, sexual orientation, gender identity or expression, marital status, genetic information, or any other legally protected status or characteristic.

We will also take affirmative action as called for by applicable laws and executive orders to ensure that minority group individuals, females, disabled veterans, recently separated veterans, other protected veterans, Armed Forces Service Medal veterans, and qualified disabled persons are introduced into our workforce and considered for promotional opportunities.

This policy prohibits retaliation or adverse employment action against anyone who exercises his or her rights under this policy or any anti-discrimination law, who cooperates in any company investigation, or who participates in any investigation or proceeding by any governmental agency.



OPTIV

Unmatched Experience, Know-How and Partnerships in Cyber Security. The Power of Accuvant and FishNet Security Combined
Created in 2015 from the merger of Accuvant and FishNet Security, Optiv is the largest holistic pure-play cyber security solutions provider in North America. We help clients plan, build and run successful cyber security programs that achieve business objectives through our depth and breadth of cyber security offerings, extensive capabilities and proven expertise in cyber security strategy, managed security services, incident response, risk and compliance, security consulting, training and support, integration and architecture services, and security technology. A Blackstone (NYSE: BX) portfolio company, we have served more than 12,000 clients of various sizes across multiple industries, offer an extensive geographic footprint, and have premium partnerships with more than 300 of the leading security technology manufacturers. For more information, visit www.optiv.com or follow us on Twitter, Facebook or LinkedIn.
Company Industry: Computer & Network Security
Company Type: Privately Held
Company Size: 1,001-5000