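Job listing ID: E21002/138
Company overview: Foreign-affiliated hardware vendor (PC)
Agents: about 30 companies
Company size: 501-5000 employees
Position / department: IR eDiscovery Consultant SecureWorks
Job description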

Position Summary
SecureWorks provides incident response and digital forensics services as part of its consulting practice and is looking for an incident response and forensics analyst consultant.
Our team of experts covers a range of incident assignments, including:
- Analyzing data breaches, determining the cause and extent of data loss, and advising on immediate, mid-term and long-term remediation;
- Briefing and/or advising executive management on breach response and best practices;
- Handling complex computer forensics investigations and providing expert services in data leakage, employee malfeasance, and APT investigations;
- Providing focused e-discovery consulting, collection and processing;
- Providing breach plan after-action analysis;
- Providing CIRT plan and program development and disclosure planning through tabletop and war gaming scenarios and compliance integration.
We’re looking for someone with:
- A love of all things tech
- In-depth incident response/computer forensic experience
- An understanding of why firms and corporations hire consulting firms and who the competitors are in the field
- Previous consulting exposure is required to understand the lifestyle
- The enthusiasm and sense of humor to be part of a rapidly growing team
- Ability to travel up to 70% (not kidding)
- Ability to provide weekend and holiday coverage when on call
The right candidate will be obsessed with accuracy but still able to get relevant results to clients ahead of schedule; be able to triage multiple cases; function in a highly confidential environment; survive without an administrative assistant; and be able to work in a team or on their own.
While highly technical, the position also requires an understanding of what makes people tick. In particular, the right candidate will have the ability to rapidly shift gears between a techie and an investigative mindset, and have excellent research skills, being able to analyze and synthesize data from different sources.

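Work location: Kanagawa Prefecture
Industry: IT & Internet / Hardware
Annual salary: 9 million ~ 11 million yen
Target age: 30 ~ 43 years
Reason for age limit: To target an age group with few workers, for the purpose of passing on skills and the like
Application requirements: The position requires remote lab work at our US office, on-site investigations at clients’ premises throughout the US, and potential travel overseas.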
By the nature of incident response, the job can be 24/7 – though we provide a relaxed workplace environment.
Skills, Knowledge & Ability Requirements
- At least 2 years’ active experience as part of an incident response team (either in-house or as a consultant) - for IR Handler
- At least 5 years’ active experience as part of an incident response team (either in-house or as a consultant) and 2 years leading multiple investigations - for Senior IR Handler
- Two or more of the following certifications (one certification from each group minimum):
  - Group 1: GIAC Certified Incident Handler (GCIH); GIAC Certified Intrusion Analyst (GCIA); GIAC Reverse Engineering Malware (GREM)
  - Group 2: GIAC Certified Forensic Analyst (GCFA); GIAC Certified Forensic Examiner (GCFE); EnCase Certified Examiner (EnCE); Certified Computer Examiner (CCE); AccessData Certified Examiner (ACE)
- Working knowledge of forensic tools such as EnCase, FTK, Helix, Knoppix, Slax, Sleuthkit, SIFT, BlackLight and/or MacForensicsLab
- Experience with Unix, Linux, Mac, and Windows systems; a solid understanding of networking, firewalls, and the various protocols involved in data sharing and communications
- Working knowledge of current data collection, storage, and chain of custody best practices
- Excellent reporting skills (both written and verbal)
- Strong PCI (Payment Card Industry) knowledge and experience
The following, while not required, would be strong bonuses:
- Experience with Snort, Nmap, and/or BackTrack. Understanding of managed security services (MSS) and log retention services.
- Ability to surreptitiously monitor a network and construct a honeypot.
- Working knowledge of cell phone/PDA forensic tools (e.g. Paraben Device Seizure, Guidance Neutrino, BitPim, Cellebrite, AccessData Mobile Kit).
- Experience testifying, preferably as an expert, in the area of digital investigations or info sec best practices.
- Experience presenting to potential clients or trade groups in the area of incident response or computer forensics.
- Knowledge of open-source analysis, collection, and file repair tools.
- Experience scripting (e.g. Perl, Python, EnScript, Bash, PowerShell, and Ruby) and/or coding.
- Experience with malware assembly / debugging / reversing.
- Experience working in a data-regulated industry (e.g. HIPAA, breach notification laws, PCI, SOX); credit card fraud investigation.