Incident Response Security Analyst

  • Category: Support Services
  • Team: Internal Risk and Compliance
  • Location: Chicago, Illinois United States

Description

Position at Trustwave

Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. Offering a comprehensive portfolio of managed security services, consulting and professional services, and data protection technology, Trustwave helps businesses embrace digital transformation securely. Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.

The CISO’s Office is seeking a qualified Digital Forensics and Incident Response practitioner. Your primary role will be leading the battle to protect against and respond to cyber events in the corporate and commercial infrastructure spaces for Trustwave. The CISO DFIR role provides a mix of onsite breach investigations, remote analysis, running tabletop exercises and attack simulations, testing detection and response tools and implementations, and assisting in the writing of Incident Response reports and remediation plans.

Experience Requirements:

  • Have several years of experience in digital forensics and/or incident response.
  • Be happy to work independently and engage in online chats with a globally distributed team.
  • Have experience with investigating compromises involving large enterprise environments, web applications and credit card processing environments.
  • Experience with forensic tools. You will have access to EnCase, X-Ways, Axiom, Carbon Black and Cybereason, along with whatever open source tools you prefer and other commercial tools you can convince us to buy.


Skill Requirements

  • Must be fluent in English, both written and spoken.  
  • Be a fast and lifelong learner
  • Be comfortable chasing malware through systems and familiar with persistence mechanisms, injection methods and detection/evasion techniques.
  • Ability to foster and develop strong client relationships.
  • Be able to decode base64 in their head and write a Python script before breakfast.


DFIR

  • Knowledge of key forensic artifacts in both Windows and *nix systems. Be able to articulate their significance to an investigation.
  • Experience with scripting in Perl/Python/Ruby very desirable.
  • Experience with both desktop-based and server-based forensics.
  • Comfortable working in a *nix environment.


Bonus experience

  • Contributions to the DFIR community: blog, Twitter, Git repos.
  • Conference presentations (but paid marketing events don’t count).
  • Penetration testing experience.
  • Knowledge of and demonstrable experience with a wide range of different attack tools.
  • Application testing skills.
  • Reverse engineering skills. 


Education Requirements

  • We prefer college-educated applicants, but if you have a high school diploma or equivalent and can prove you have what it takes, let us know.
  • Real-world experience is preferred over certifications, but professional certifications such as the Security+, GCIA, and/or CISSP would be nice to have.


Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.
To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave, and in the event a candidate who is submitted outside of this policy is hired, no fee or payment of any kind will be paid.
