Incident Response Senior Consultant

CyberArk is seeking a highly skilled Digital Forensics and Incident Response (DFIR) Consultant to join our team. In this role you will be a   technical leader and navigate complex technical incidents, forensics analysis, threat hunting, and malware analysis. You will assist customers in rapidly and effectively resolving security incidents at scale, providing comprehensive incident response, including investigation, containment, and crisis management.

Responsibilities:

• Investigate and analyze incidents with EDR systems to respond to ongoing security incidents in real-time.
• Develop Incident Response initiatives that improve our ability to respond and remediate security incidents effectively.
• Tracing malware activity and patterns and understanding how to remove malware non-destructively.
• Recognize attacker Tools, Tactics, and Procedures (TTP) and Indicators of Compromise (IOC) and apply to future incident response events.
• Analyze binary files to determine the legitimacy and extract IOCs when possible.
• Conducting forensic examinations on physical devices and performing analyses on live and collected memory.
• Create and refine detection and incident response playbooks.
• Collaborate with internal and customer teams to investigate and contain incidents.
• Produce high-quality written reports, presentations, and recommendations, to key stakeholders including customer leadership, and legal counsel.
• Establishing a collaborative environment for sharing data on machine timelines and suspicious events.
• Create operational metrics, key performance indicators (KPIs), and service level objectives to measure team competence.

#LI-KR1