
Incident Response Lead

coalition · 30+ days ago
Negotiable
Full-time

About us

Coalition is the world's first Active Insurance provider designed to help prevent digital risk before it strikes. Founded in 2017, Coalition combines broad insurance coverage with a digital risk assessment and continuous security monitoring to help organizations protect themselves in today’s hyper-connected world.

Opportunities to make an impact with bold thinking are real - and happening daily.

About the role

As an Incident Response Lead, your mandate is to protect our customers from loss by guiding teams of incident responders in digital forensics and incident response engagements with a wide variety of consumers. As a part of this mandate, you will assist Coalition’s consumers through data breaches and claims events, guiding incident response efforts with our consumers and partners. You will own engagement planning, implementation, and communication, guiding and advising customers and their legal counsel. Incident Response Leads are also asked to provide advice on topics ranging from security architecture and cloud security to data protection and compliance.

Our team is composed of bright minds across many cybersecurity domains, with expertise in Incident Response, Threat Intelligence, Security Architecture, Cyber Risk Management, Security Strategy, Controls, Compliance, and Governance. We need you to be a self-starter, assured with consumers, and passionate about customer service. You will need to be able to drive the investigation of ransomware and business email compromise cases from scoping to report delivery.

Responsibilities

  • Drive incident response engagements to guide our customers through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations.
  • Coordinate and guide incident response assistance from team members and vendors
  • Investigate customer data breaches and malicious activity leveraging forensics tools; analyze Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs); examine firewall, web, database, and other log sources to identify evidence of malicious activity.
  • Lead proactive cybersecurity advisory and consulting engagements such as:
    • Tabletop Exercises: lead and facilitate tabletop exercises designed to simulate real-world cyber incidents, helping clients enhance their incident response preparedness and resilience.
    • Assessments: conduct comprehensive cybersecurity assessments to evaluate clients' security postures, identify vulnerabilities, and provide actionable recommendations for improvement.
    • Documentation Reviews: evaluate and refine clients' incident response plans, policies, and procedures to ensure they align with industry best practices and regulatory requirements.
  • Strategic Guidance and Client Engagement:
    • Advisory Role: Provide strategic guidance to clients on enhancing their security architectures, cloud security strategies, and compliance frameworks such as NIST, HIPAA, and PCI.
    • Long-Term Remediation: Beyond immediate incident containment, collaborate with clients to develop and implement longer-term remediation strategies to strengthen their security postures.
    • Process Enhancement: Contribute to the refinement and improvement of internal processes, methodologies, and service offerings based on your consulting insights and industry expertise.
  • Provide case reporting as required across internal and external audiences with the appropriate technical level of detail for threat researchers and/or business customers.
  • Evaluate customer security programs, technologies, controls, and business environments; recommend and develop enhancements.
  • Provide recommendations on solutions to help customers navigate information security risk.
  • Track emerging security practices and contribute to building internal processes and our various products.
  • Stay abreast of the current regulatory environment, industry trends and related implications.

Skills and Qualifications

  • Bachelor’s Degree in Computer Science, Information Security, Engineering, or other relevant subjects.
  • Minimum of 5+ years of incident response or digital forensics experience.
  • Demonstrated practiced knowledge of the lifecycle of network threats, attacks, attack vectors, and methods of exploitation with a knowledge of intrusion set tactics, techniques, and procedures.
  • Consultative Approach: Ability to effectively communicate complex technical concepts to non-technical stakeholders and provide actionable recommendations.
  • Analytical Skills: Proficiency in analyzing security programs, technologies, and environments to identify gaps and recommend enhancements.
  • Regulatory Knowledge: Familiarity with regulatory requirements and frameworks (e.g., NIST, HIPAA, PCI) is essential for advising clients on compliance issues.
  • Project Management: Experience managing multiple projects simultaneously, from initial scoping through to final deliverables, ensuring high-quality results and client satisfaction.
  • Knowledge of TCP/IP Protocols, network assessment and network/security applications, including log and network traffic capture assessment.
  • Experience with Velociraptor, Axiom, FTK, SIFT, Volatility, ELK, WireShark, Plaso, Skadi or other open source forensic/log analysis/network assessment tools.
  • Experience with EDR tools like CrowdStrike Falcon, Carbon Black, Sentinel One, etc.
  • Knowledge of industry standard frameworks – NIST, HIPAA, PCI.
  • Self-motivated; entrepreneurial spirit; comfortable working in a dynamic environment.
  • Strong interactive communication skills (verbal & written).
  • Aptitude to learn technical concepts/terms, and aptitude to guide multiple tasks/projects simultaneously.
  • Experience deploying tools to AWS and familiarity with using cloud-based platforms for assessment.

Bonus Points

  • Security policy, governance, privacy or regulatory experience (e.g., NIST, ISO, HIPAA, PCI).
  • Securing cloud based platforms (Microsoft Azure, Amazon AWS, etc.).
  • Experience with system hardening procedures for Windows, Linux, Unix is helpful.
  • Knowledge and/or experience with Nmap, Nessus, Nexpose, Qualys, Burp, Kali, Metasploit, Meterpreter, or other offensive tools is helpful.
  • Knowledge of scripting for development of security tools and industry frameworks is helpful.
  • SCADA/Control systems network experience is a plus.

Why Coalition? 

We’re a remote-first, mission-driven team committed to building a more inclusive culture with people of all different backgrounds. We trust our team members to take responsibility, share ownership, and put in the work to help us in our pursuit to solve digital risk.

Coalition’s exceptional growth stems from its ability to address real-world problems for organizations of all sizes and remain true to our founding values of character, humility, responsibility, purpose, authenticity, and inclusion. 

We’re always looking for collaborative, inquisitive individuals to join #OurCoalition.

Privacy Notice

Coalition is committed to protecting your privacy. We want you to understand what personal information we collect and how we use it. We also want you to understand your options regarding our collection, use, and disclosure of such information and your ability to access and correct such information. As the leading provider of active insurance, Coalition is required to adhere to certain local regulations, including U.S. federal and state laws that protect your information and our use and disclosure of it.

Information submitted, collected, and processed as part of your application is subject to Coalition's Privacy Policy.

Anti-Discrimination Notice

Coalition is proud to be an Equal Opportunity employer. It is our policy to provide equal opportunity to all individuals seeking employment without regard to race, color, religion, religious creed, national origin, age, sex, marital status, ancestry, physical or mental disability, military or veteran status, gender, gender identity, gender expression, sexual orientation, medical condition, genetic information, or any other protected category under federal, state, or local law. We also prohibit harassment or discrimination of applicants based on the above-protected categories. This policy covers all aspects of employment, including but not limited to, recruitment, selection, training, promotion, transfer, compensation, demotion, and termination of employment.

Accommodations

Coalition complies with US federal and state disability laws. Our policy is to provide reasonable accommodations to qualified individuals with disabilities, including applicants and employees unless the accommodation imposes an undue hardship. Contact us by emailing candidateaccommodations@coalitioninc.com if you require reasonable accommodation to complete this application, interview, pre-employment testing, or participating in the employee selection process.

We consider qualified applicants, regardless of criminal histories, consistent with legal requirements.

To all recruitment agencies: Coalition does not accept unsolicited agency resumes. Do not forward resumes to our email alias, employees, or other physical or virtual organization locations. Coalition is not responsible for any fees related to unsolicited resumes.

Last updated on Aug 21, 2024
