Cyber Analyst - Digital Forensics Incident Response

September 23

Apply Now

Receive Emails with Similar Jobs

At-Bay

WebsiteLinkedInAll Job Openings

Cyber Insurance • Cyber • Cyber liability • Insurance • IT Security

201 - 500 employees

Founded 2017

🔒 Cybersecurity

💳 Fintech

💰 $3.7M Venture Round on 2022-09

Description

• Cybersecurity Analysts focused on Digital Forensics and Incident Response (DFIR) deliver incident investigation and response services to At-Bay insureds via: • Forensically sound collection, transmission, and storage of digital evidence • Analysis of digital evidence to identify indicators of compromise and adversary activity • Development of incident timelines and theories of compromise • Identification of incident root causes • Participation in threat actor negotiations as necessary (e.g., ransom negotiations, etc.) • Participation in incident recovery (e.g., restoration of data from backups, reimaging workstations and servers, rebuilding network infrastructure, etc.) activities as necessary • Development and delivery of incident reports to document key incident details for engagement stakeholders including executive leaders for insureds, breach coach attorneys, and At-Bay claims management staff as necessary • Development and delivery of recommendations to mitigate the risk of future incidents for impacted insureds • Development and delivery of incident response training and simulations for targeted insureds

Requirements

• Bachelor’s degree or equivalent • Minimum of 2 years of experience in cybersecurity operations, incident response, incident recovery, or another security discipline • Willingness to travel as needed to perform job functions • Previous digital forensics and incident response experience • Strong oral and written communication skills • Previous hands-on experience performing digital forensics and incident response, including several of the following: • Business Email Compromise • Ransomware • Digital evidence collection and analysis • Development and analysis of cyber threat intelligence • Leadership of or participation in investigations involving digital evidence • Intrusion detection / cyber threat hunting • Malware analysis • Incident recovery activities such as restoration of data from backups, operation of decryptor tools, etc. • Previous hands-on experience working in information technology operations (e.g., Network Operations Center, Security Operations Center, Incident Response Team, etc.)