Dell Incident Response Sr. Advisor (Team Echo) - Secureworks - Remote in DALLAS, Texas

Incident Response Advisor (Team Echo) - Remote

SRC-IR Group

Secureworks is a global leader in providing intelligence-driven information security solutions. We play an important role, as no organization in the world is immune from cyberattacks and the nature of the attack is changing every day. Internet security is a problem that will never be solved. Unlike point products that address a specific technology issue, we attack the problem holistically by analyzing threat actor tactics, techniques and procedures, and develop solutions using best-of-breed technologies to protect our clients. We are one of the best in the world at understanding the threat.

In short, we give our clients an early warning capability. Secureworks was founded in 1999 and headquartered in Atlanta, Ga., with offices in all the major security markets around the globe. We have more than 2,000 team members, and partner with more than 4,200 clients in 59 countries to keep the bad guys out of their networks. We’ve been consistently recognized by industry analysts, readers’ polls and as a leader in the Gartner Magic Quadrant for managed security services, worldwide.

Role Overview

The Incident Response Advisor works with clients in the growing area of cybersecurity incident response management. This role focuses on preparing clients to effectively handle cybersecurity incidents as well as occasionally providing advisory services to clients experiencing incidents. Helping clients prepare for incidents includes developing and evaluating response capabilities and plan documentation, delivering training, and conducting exercises to test response capabilities. The successful candidate will have experience in developing, managing, and operating incident response capabilities, conducting training, exercises and workshops, and will be familiar with tactics, techniques, and procedures commonly employed by and used to thwart threat actors. Familiarity with the drivers and constraints that organizations are working with and against while trying to secure their infrastructure and data is a necessity.

This is a remote position and requires up to 50% travel.

Role Responsibilities

-Promote Secureworks by participating in external speaking engagements, writing whitepapers and blogposts, and ensuring identification of opportunities for additional support to be provided to clients

-Design and deliver incident response exercises to test client incident response plans; oversee the delivery of exercises by other consultants

-Develop detailed incident response plans and playbooks based on client needs

-Contribute to the continual improvement of services that we deliver to clients and the processes that the team utilizes to deliver them

-Serve as subject matter expert in incident response capability development and improvement

-Provide objective, actionable, and complete guidance that enables and improves our clients’ incident management capabilities

-Conduct assessments of client readiness to respond to incidents, including designing and delivering incident response exercises to test client incident response capabilities; review the assessments of other consultant

-Manage consulting workload, client requirements, and internal projects and tasking as assigned

-Support complex incident response; review analysis and conclusions of other consultants

-Document findings, develop recommendations and present both orally and in written reports

As a managed security provider, Secureworks expects its employees to understand and apply commonly known security practices and possess a working knowledge of applicable industry controls such as NIST 800-53. Employees will be expected to acknowledge their security responsibilities in writing prior to gaining access to company systems. Employees will be required to maintain a working knowledge of local security policies and execute general controls as assigned.

Requirements

-Minimum of 5 years of information security experience (Vulnerability Management, Risk and Governance, Threat Intelligence, Security Architects, etc.)

-Minimum of 2 years of experience developing and managing incident response capabilities

Preferences

-Operational experience with security tools (firewalls, IDS, IPS, SIEMs, proxies, VPNs)

-Understanding of vulnerabilities and tools used to discover, analyze, and exploit vulnerabilities

-Bachelor's degree in computer science, information systems, information assurance, or equivalent work experience

-Technical or professional certifications such as GCFA, CISA or CISSP, etc.

-Familiar with tactics, techniques, and procedures commonly employed by threat actors, and their motivations

-Understanding of at least one framework: ISO 27001/2, FISMA, PCI, HITRUST, NIST 800-series, CoBIT, PCI, etc.

-Strong technical communication skills (oral and written) including experience briefing executive management and desire to work with clients to solve complex security issues, including at times in crisis situations

-Experience briefing senior-level leadership, and conveying technical subject matter to audiences of varying backgrounds and skill levels

Location

Remote

Secureworks is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity and/or expression, national origin, protected veteran status, disability, genetics, or citizenship status (when otherwise legally authorized to work) and will not be discriminated against on the basis of such characteristics or any other status protected by the laws or regulations in the locations where we operate. Secureworks encourages applicants of all ages.

Organization: Security Solutions

Title: Incident Response Sr. Advisor (Team Echo) - Secureworks - Remote

Location: North America-US-TX-Dallas

Requisition ID: 17000X0D