Principal Incident Response Consultant – RSA IR Practice
RSA, The Security Division of Dell, is the premier provider of security solutions for business acceleration, helping the world’s leading organizations succeed by solving their most complex and sensitive security challenges. RSA’s information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle no matter where it moves, who accesses it or how it is used. We would like to speak with candidates interested in being part of the Network Security Incident Response Team, leveraging the NetWitness product line. NetWitness is a revolutionary network monitoring platform that provides enterprises a precise and actionable understanding of everything happening on the network. NetWitness solutions are deployed in customer environments to solve a wide range of challenging information security problems including: insider threats, zero-day exploits and targeted malware, advanced persistent threats, fraud, espionage, data leakage, and continuous monitoring of security controls.
Job Description: The IR consultant provides RSA customers with rapid tactical insight into the activities taking place on their networks. Through the capture and expert analysis of live network traffic utilizing the NetWitness NextGen platform the consultant determines the overall state of the network and identifies and reports all areas of concern. Performs research and develops techniques to identify and mitigate threats. Stays abreast of emerging threats and develops creative solutions to solve customer
Conduct incident response engagements.
Summarize and report findings to key stakeholders.
Incident response subject matter expert.
Mentor junior staff members.
Required Skills and Experience:
Excellent written/verbal communication and interpersonal skills, Network traffic analysis, Network Forensics & Host Forensics Experience.
Malware reverse engineering techniques and tools desired. Ability to distill complex technical concepts into business terms that decision makers can use to quickly take action.
Expert level knowledge of typical attack vectors and system penetration techniques. Advanced Linux/Windows skills Familiar with NIST guidelines (800-61, 800-86).
Understanding of Network Protocols and security infrastructure (proxies, firewalls, email filtering technologies, and network intrusion detection systems).
Experience with tools such as RSA NetWitness, enCase, FTK, Mandiant, WireShark, OllyDbg, IDAPro or similar network monitoring, packet capture and analysis, networks forensics and analysis tools.
Incident Response Engagement Consulting Experience Desired.
Instruction Detection Systems / Intrusion Prevention Systems / SIEM Tools Experience and Education
3 or more years in incident response role.
BS/MS in Computer Science or equivalent experience.
Certifications in any of these areas (GIAC, CEH, CISSP, GCIH, GREM, GCIA, GPEN, GCFE, etc)
Active top secret security clearance is preferred, not required.
Travel Up to 60%.
We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities — all to create a compelling and rewarding work environment.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Dell here.
Job Family: RSA
Job ID: R027424