About the Company
Cybereason is on a mission to reverse the adversary advantage by empowering defenders with ingenuity and technology to end cyber attacks.
We have the technology, and now we are looking to expand our talent! - Come and talk to us about joining a market leader and a diverse team of passionate people who win as one, ensuring a customer-first approach is core to everything we do and never giving up on reversing the adversary advantage.
Incident Response Engineer
The Cybereason Incident Response Team is hiring talented and motivated engineers and innovators eager to participate in the development of our advanced suite of high-end response tools and services. Focusing on building and supporting the innovative and industry-leading capabilities being actively deployed and explored by the Cybereason Nocturnus IR team, this is a role for those who are passionate about pushing the industry forward and raising the bar for Incident Response.
The Cybereason Nocturnus IR team technical and operations stack embodies the principles of SecDevOps and rapid development, building firmly from practitioner-led experience of overcoming real-world challenges facing Incident Responders. This role requires experience of both IR investigations/digital forensics, and DevOps implementation and process development.
What you will do:
- Expand and optimize the service-oriented architecture of the Cybereason IR platform to deliver highly robust, scalable, and repeatable analysis techniques to front-line incident responders for a variety of workflows and engagement types
- Innovate new capabilities and technology integrations such as bleeding-edge data science and threat intelligence approaches using the Cybereason graph.
- Conduct research into forensic artifacts, behavioural analysis and threat hunting techniques and implement them in the Cybereason IR investigations platform
- Support and maintain the DevOps backbone of infrastructure and development platforms that underpin the delivery and technical operations processes in Nocturnus IR.
Requirements:
- Bachelor's degree in a technical field, or equivalent practical experience
- Minimum 8 years of Incident Response or comparable industry experience (threat hunting, threat detection and response, malware analysis, etc)
- Knowledge and experience of:
- at least one scripting or development language (ideally Python and Golang)
- Cloud-native CI/CD platforms (such as Google Kubernetes Engine, Amazon EKS, or Oracle OKE)
- Remote Incident Response and forensic toolkits, such as GRR, Osquery, and Velociraptor
- Forensic Investigations of at least one major OS family (Windows, Mac OS, *nix)
...and at least two of the following:
- Digital forensics (disk and memory collection & analysis)
- Network Security Monitoring (NSM), network traffic analysis, and log analysis
- Static and dynamic malware analysis
- Threat Hunting with EDR
- Data Science with Jupyter, Pandas, etc
- Threat Intelligence and adversary tracking
Additional Qualifications:
- Ability to document and explain technical details in a concise, understandable manner
- Ability to manage and balance own time among multiple tasks
Cybereason is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.
For California Residents: Please View our CCPA Compliance Notice:
CCPA Compliance Notice
#LI-DNI