Senior Incident Response Consultant

May 05, 2021 - Germany, Remote

What You’ll Do

As, Cisco Talos Incident Response Consultant, you will work within established methodologies to perform a variety of Incident Response related activities for Cisco customers this will include emergency response to cyber incidents, proactively hunting for adversaries in customer networks, crafting and performing Table-Top Exercises, performing IR Readiness Assessments, and delivering an immersive Cyber Range workshop. You demonstrate leadership abilities, clear and concise communication with partners, ability to lead during a crisis, personal agility to adapt to changing environments, and a strong comprehension of malware, emerging threats and calculating risk will be critical to success.

Who You’ll Work With

When you work with us, you’ll be part of a distributed team of highly empowered Incident Response and Cyber Threat Intelligence professionals who work as a collaborative team passionate about helping our clients be both better prepared to defend against adversaries on their network, as well as responding to active incidents within their network.

Who You Are

Both your clients and your colleagues consider you a personable, eloquent individual, and a born diplomat. You check your ego at the door and learn from others constantly, while also helping to educate those who aren’t as proficient as you are in technical or procedural topics.

What we’re looking for in you:

  • Respond to global cyber incidents caused by internal and external threats to our customers, that may involve nontraditional working hours.
  • Be willing to routinely travel with less than 24-hour notice, up to 35% of the time.
  • Can clearly communicate the Incident Response Lifecycle and the Kill Chain (Attack) Life Cycle.
  • Demonstrate capability to map technical findings to business impacts and communicate those in a manner which is understandable by a non-technical audience.
  • Be able to scope an incident, gain consensus on objectives with customers, and lead a team of consultants during an emergency engagement.
  • Specialize in host centric analysis utilizing forensic tools (e.g. F-Response, X-Ways, Volatility, Cisco AMP, etc.).
  • Specialize in network forensic analysis with a good understanding of network protocols.
  • Design, lead and participate in Table-Top Exercises with customers.
  • Proactively seek for adversaries on customer networks using a variety of tools and techniques.
  • Draft communications, assessments, and reports that may be both internal and customer facing, to include leadership and executive management.
  • Understanding of different attacks and how best to craft custom detection, containment, and remediation plans for customers.
  • Serve as a liaison to different businesses and collaborate with fellow team members and colleagues on other security teams. As-needed, manage relationships with business partners, management, vendors, and external parties.
  • Demonstrate industry leadership through blog posts and public speaking at conferences and events.
  • Bachelors’ Degree in Computer Science or a related technical degree; or, equivalent industry experience.
  • Experience in information security and handling incidents.
  • Willing to be on-call and work off-shift hours, to include nights, weekends, and holidays.

Desired Characteristics:

  • Detailed understanding of current cyber security threats, attacks, and countermeasures. Such as Advanced Persistent Threat (APT), Cyber Crime, Hacktivism and associated tactics.
  • Strong track record of understanding and interest in recognized IT Security-related standards and technologies, demonstrated through training, job experience and/or industry activities.

IT Security Certifications

Industry certifications such as the CISSP, CISM, CISA, GCIH, CFCE, GCFA, GNFA, and/or GCFE.

Why Cisco Talos IR!

We always strive to do the right thing, for our team, for our customers, and for the world! We connect everything: people, processes, data, and things. We innovate everywhere, taking bold risks to shape the technologies that give us smart cities, connected cars, and handheld hospitals. And we do it in style with unique personalities who aren’t afraid to change the way the world works, lives, plays and learns. We celebrate the creativity and diversity that fuels our innovation. We are dreamers and we are doers. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.