Cyber Incident Response Proactive Consultant- Secureworks- EMEA

Security Incident Response Consultant- Secureworks- EMEA (Remote)

Secureworks® (NASDAQ: SCWX) a global cybersecurity leader, enables our customers and partners to outpace and outmanoeuvre adversaries with more precision, so they can rapidly adapt and respond to market forces to meet their business needs. With a unique combination of cloud-native, SaaS security platform and intelligence-driven security solutions, informed by 20+ years of threat intelligence and research, no other security platform is grounded and informed with this much real-world experience.www.secureworks.com

We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

IR Consulting Group

The Security Incident Response Consultant works with customers in the growing area of cybersecurity incident response management. This role focuses on preparing customers to effectively handle cybersecurity incidents as well as occasionally providing advisory services to customers experiencing incidents. Helping customers prepare for incidents includes developing and evaluating response capabilities and plan documentation, delivering training, and conducting exercises to test response capabilities. This role will have an emphasis on providing training support to customers on the topics of incident response as well as spearheading team improvement initiatives.

Additionally, the role will provide support, as needed, to Secureworks Incident Commanders as they respond to customer emergencies. The successful candidate will have experience in developing, managing, and operating incident response capabilities, conducting training, exercises and workshops, and will be familiar with tactics, techniques, and procedures commonly employed by and used to thwart threat actors. Familiarity with the drivers and constraints that organizations are working with and against while trying to secure their infrastructure and data is a necessity.

When COVID travel restrictions are lifted, this position requires up to 60% travel; some travel may have little advance notice.

This is a remote position.

Role Responsibilities

- Serve as subject matter expert in incident response capability development and improvement

- Manage consulting workload, customer requirements, and internal projects and tasking as assigned

- Design and deliver incident response exercises to test customer incident response plans; oversee the delivery of exercises by other consultants

- Develop detailed incident response plans and playbooks based on customer needs

- Contribute to the continual improvement of services that we deliver to customers and the processes that the team utilizes to deliver them

- Support Incident Commanders during active incident response engagements

- Provide objective, actionable, and complete guidance that enables and improves our customers’ incident management capabilities

-Conduct assessments of customer readiness to respond to incidents, including designing and delivering incident response exercises to test customer incident response capabilities; review the assessments of other consultants

- Support complex incident response; review analysis and conclusions of other consultants

-Document findings, develop recommendations and present both orally and in written reports

- Promote Secureworks by participating in external speaking engagements, writing whitepapers and blogposts, and ensuring identification of opportunities for additional support to be provided to customers

Requirements
- Minimum of 5 years of information security experience (Vulnerability Management, Risk and Governance, Threat Intelligence, Security Architecture, etc.)

- Minimum of 2 years of incident response experience responding to customer emergencies

- Minimum of 2 years developing and managing incident response capabilities across multiple departments in an enterprise environment (IR Plans, Playbooks, Tabletop exercises, etc.)

Preferences

- Understanding of vulnerabilities and tools used to discover, analyze, and exploit vulnerabilities

- Networking and system administration experience (Windows and Unix/Linux)

- Experience with common computer forensic / incident response tools and processes

- Operational experience with security tools (firewalls, IDS, IPS, SIEMs, etc.)

- Bachelor's degree in computer science, information systems, information assurance, or equivalent work experience

- Technical or professional certifications such as EnCE, CEH, GCIH, GCFA, CISA or CISSP, etc.

- Familiar with tactics, techniques, and procedures commonly employed by threat actors, and their motivations

- Understanding of at least one framework: ISO 27001/2, FISMA, PCI, HITRUST, NIST 800-series, CoBIT, PCI, etc.

- International travel may be required. The candidate should possess or be able to acquire a passport and be able to travel internationally.

- Demonstrated ability to manage all facets of a customer offering, including presales, marketing, steady state maintenance and development, delivery, and post-delivery

Why work with Secureworks?

Life at Secureworks means collaborating with dedicated professionals with a passion for technology. When we see something that could be improved, we get to work inventing the solution. Our people demonstrate our winning culture through positive and meaningful relationships. We invest in our people and offer a series of programs that enables them to pursue a career that fulfils their potential. Our team members’ health and wellness is our priority as well as rewarding them for their hard work.

Secureworks is part of the Dell Technologies family of brands. If you require any assistance in applying for an open position or have any specific requirements to attend an interview, please contact [email protected]

We are a Disability Confident Committed Employer and aim to ensure our recruitment process is inclusive and accessible. As members of the disability confident scheme, we guarantee to interview all disabled applicants who meet the minimum criteria for the vacancies and ensure our recruitment process is inclusive and accessible.

Secureworks, a Dell Technologies company, is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.

LIPriority

Job ID: R093820