Advantage Technical - San Jose, CA

posted 3 months ago

Full-time - Senior
Remote - San Jose, CA
1,001-5,000 employees
Administrative and Support Services

About the position

Join the Cyber Defense Center as a Senior Incident Response Commander, where your extensive experience in incident response, digital forensics, investigative skills, and process improvement will be pivotal in minimizing damage, protecting sensitive data, and ensuring business continuity. In this role, you will manage and investigate complex incidents, drive investigations to successful conclusions, and enhance our processes. Collaborating with senior staff, you will execute strategies and elevate our Incident Response program, making a significant impact in the organization.

As a Senior Incident Response Commander, you will confidently lead incident response activities, ensuring stakeholder alignment for efficient responses. Your collaboration with leadership will be crucial in implementing strategic initiatives and fostering continuous learning to enhance incident response capabilities organization-wide. You will analyze data points from past or current cases using critical thinking and investigative skills, identifying indicators of compromise, potential attack vectors, and root causes to guide effective resolution steps and discover new connections.

Your responsibilities will also include keeping detailed incident records and providing clear, concise reports to leadership, ensuring timely updates and effective communication of critical information to stakeholders. As a technical expert, you will provide support for incidents, guide team members, and offer technical direction, utilizing your expertise to troubleshoot and resolve issues. Continuous improvement will be a key focus, as you enhance incident response through post-incident retrospectives and feedback from security, engineering, and partner teams.

Additionally, you will develop and present comprehensive reports, training sessions, and presentations for both technical and non-technical audiences, assisting in designing, documenting, and reporting on incident response processes, procedures, and metrics to optimize efficiency and effectiveness. Staying updated on emerging threats and attack vectors will be essential to maintain your expertise in the evolving cyber landscape.

Responsibilities

  • Lead incident response activities, ensuring stakeholder alignment for efficient responses.
  • Collaborate with leadership to implement strategic initiatives and foster continuous learning.
  • Analyze data points from past or current cases using critical thinking and investigative skills.
  • Identify indicators of compromise, potential attack vectors, and root causes to guide effective resolution steps.
  • Keep detailed incident records and provide clear, concise reports to leadership.
  • Ensure timely updates and communicate critical information effectively to stakeholders.
  • Provide technical support for incidents, guide team members, and offer technical direction.
  • Enhance incident response through post-incident retrospectives and feedback from security, engineering, and partner teams.
  • Develop and present comprehensive reports, training sessions, and presentations for both technical and non-technical audiences.
  • Assist in designing, documenting, and reporting on incident response processes, procedures, and metrics to optimize efficiency and effectiveness.
  • Stay updated on emerging threats and attack vectors.

Requirements

  • 8+ years of hands-on experience managing the end-to-end incident response lifecycle, including detection, analysis, and post-incident activities.
  • Proficiency in incident response and digital forensics, particularly in responding at scale.
  • Robust understanding of threat intelligence, malware analysis, and network security concepts.
  • Practical expertise in digital forensics across operating systems, memory analysis, and handling malicious files.
  • Experience in utilizing EDR (Endpoint Detection and Response) tooling for effective incident response and management at scale.
  • Knowledge of reverse engineering, scripting, or programming languages is a plus.
  • Strong investigative skills and incident response expertise to effectively manage and resolve complex cases.
  • Excellent analytical skills for analyzing large data sets under pressure.
  • Strong multitasking abilities to address complex challenges and prioritize tasks effectively.
  • Clear and effective communication with diverse stakeholders and engineering teams.
  • Strong written and verbal communication skills to deliver reports and updates and present technical findings to leadership.
  • Curiosity and a commitment to stay updated on emerging technologies and evolving attack methods.
  • Solid understanding of security fundamentals and familiarity with regulatory frameworks such as FedRAMP, ISO 27001, SOC2, HIPAA, FERPA, GDPR, and PCI-DSS.
  • Collaborative mindset to build team relationships and drive projects.

Nice-to-haves

  • Previous government or law enforcement experience with large-scale investigations.

Benefits

  • Paid time off
  • Paid holidays
  • Medical, dental, and vision plans
  • Pre-tax savings plans
  • Pre-tax parking and commuter plans
  • Supplemental health and welfare plans
  • Retirement savings plan
  • Employee assistance program
  • Pet insurance
  • Short-term incentives