Job Information
CrowdStrike, Inc. Manager, Incident Response Consulting (Remote) in Kirkland, Washington
CrowdStrike, Inc. Full time R19851 About the Role: Am I an Incident Response Manager Candidate?
Are you able to lead teams through complicated incident response investigations?
Do you find yourself interested in and keeping up with the latest vulnerabilities and breaches?
Are you self-motivated and looking for an opportunity to rapidly accelerate your skills?
Do you crave new and innovative work that actually matters to your customer?
Do you have an Incident Response or Information Security background that you're not fully utilizing?
Are you capable of leading teams and interacting with customers?
Do you love working around like-minded, smart people who you can learn from and mentor on a daily basis?
What You'll Do:
Lead incident response engagements
Perform initial triage and scoping for prospective clients to understand the client objectives and level of effort involved to complete objectives
Effectively communicate with executives on the topics of forensics and malware analysis
Develop and use new methods to hunt for bad actors across large sets of data
Work under the direction of outside counsel to conduct intrusion investigations
Coach and mentor junior analysts on performing host and/or network-based forensics across Windows, Mac, and Linux platforms
Provide strategic, applicable, and feasible recommendations to help mature the security posture of organizations during and after an incident
Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel
Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events
What You'll Need: Successful candidates will have experience in one or more of the following areas:
Team leadership experience in a matrixed consulting environment
Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hactivists
Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise
Network Forensic Analysis: strong knowledge of network protocols, network analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs
Reverse Engineering: ability to understand the capabilities of static and dynamic malware analysis
Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations
Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations
Cloud Incident Response: knowledge in any of the following areas: AWS, Azure, GCP incident response methodologies
All Candidates Must Possess the Following Qualifications:
Capable of completing technical tasks without supervision
Desire to grow and expand both technical and soft skills
Strong project management skills
Contributing thought leader within the incident response industry
Ability to foster a positive work environment and attitude
Ability to travel on short notice, up to 30% of the time
#LI-Remo