Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Jobs - SANS Internet Storm Center InfoSec Jobs

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Incident Response Analyst
Company Check Point Software Technologies Ltd.
Location United States: Atlanta GA, New York NY, Washington DC, Rockville MD, Richmond VA, Baltimore MD, Orlando FL, Huntsville AL, Arlington VA
Preferred GIAC Certifications GCIH, GCFE, GCFA,
Travel 0%
Salary Not provided
URL https://careers.checkpoint.com/index.php?m=cpcareers&a=show&joborderid=15355&source=3
Contact Name Anonymous
Contact Email do-not-email/at/email.org
Expires 2022-08-23

Job Description

We, Check Point Incident Response Team, are a vendor agnostic global IR team that assists companies world wide when they're in need.
Engagements may vary depending on your interests and skillset and can vary from compromise assessments, RCA's, active IR handling, TTX's, IR Plans and Playbooks, Attack Surface Mapping Analysis, AD Assessments, ....

In short... we're having tons of fun, knowledge gaining and most importantly, we really do our utmost in going above and beyond for the companies that reach out to us!
We help not people!

- Are you passionate about digital forensics and incident response?
- Are you up for the adventure of jumping into complex situations as a leading IR analyst?
- Eager to conduct in depth investigations while advising and reporting to the customer?
- Would you like working in a global IR team where we have exciting opportunities for you to innovate, influence and grow within our organisation.

If all this sounds like music to your ears... then we might be a match!
Want to find out more?
Then don't hesitate and check this out:
https://careers.checkpoint.com/index.php?m=cpcareers&a=show&joborderid=15355&source=3

Come and talk to us!

### Your Impact & Responsibilities
- Responsible for daily incident management of customer incidents
- Perform incident response and forensic analysis of compromised systems, identify and provide recommendations for remediation
- Formulate and direct incident response efforts, prioritize those response efforts, and create legible incident reports that describe the compromise vector, attacker methodologies and artifacts
- Ability to manage complicated global incidents
- Build incident response plans and playbooks
- Creation of detailed incident reports for customers
- Build sandbox/test lab environments to evaluate malicious code
- Provide solutions for Security Orchestration leveraging API, Open Source, python, bash or powershell where applicable
- Work within a team environment and will be responsible for coordinating work actions

### Your Knowledge & Skills
- 2-5 years of experience performing incident response with an emphasis on system compromise analysis
- 2-5 years of endpoint or network forensics
- Experience of performing security reviews/vulnerability risk assessments of network environments using both manual procedures and automated analysis tools.
- Experience of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.
- Experience with enterprise security solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns
- Experience leveraging APIs or scripting solutions
- Some form of administration or development work for mission-critical security systems
- Ability to participate in on-call rotation
- Domestic and International travel may be required
- Must be eligible to work in the US without sponsorship from an employer now or in the future.