Deloitte Cyber Incident Response Manager in Los Angeles, California
Cyber Incident Response Manager
Are you interested in improving the cyber and organizational risk profiles of leading companies? If your response is yes, consider joining Deloitte & Touche LLP's growing Cyber practice.
Work you'll do
Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, theft of information, denial of service, data breaches, etc.
Assist clients in identifying and remediating gaps as identified throughout the investigation
Provide clients guidance and advice in regards to cyber incidents, forensics, and incident response
Document findings and create well written reports
Deloitte Cyber Risk team is the "boots on the ground" that manages and responds to live incidents, using their skills in digital forensics, incident response, IT security, and incident handling. We are expected to be and treated as subject matter specialists in our field. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory's Cyber Risk Services practice.
8+ years of information security experience in one or more of the following areas: IT security, incident handling and response, exploit analysis, network intelligence gathering, vulnerability management, digital forensics methods and procedures
Must have Linux/Unix technical experience including creation and modification, administration, troubleshooting, and/or forensic and Incident Response experience
Actual technical skills. Should be able to conduct an investigation from start to finish given a wide variety of available tools and resources.
5+ years of experience with at least two of the following tools: X-ways Forensics, Forensic Explorer, EnCase Forensic, EnCase Enterprise, AccessData FTK, Volatility, SANS SIFT, Carbon Black, Internet Evidence Finder/Axiom
Familiarity with threat intelligence and applied use within incident response and forensic investigations
Experience with malware analysis and understanding attack techniques
Experience interpreting, searching, and manipulating data within enterprise logging solutions
Experience working with network, host, and user activity data, and identifying anomalies
BA/BS in computer science, management information systems or related field or significant industry experience required.
CISSP, CISM, EnCE, CEH, GCFA, GCFE, or GCIH certification required.
Ability to demonstrate an investigative mindset. Not just being able to execute a task, but being able to understand the reason for that task, and determine next steps depending on the results while maintaining a firm grasp of the overall goals of the entire process.
Outstanding written and oral communication skills and the ability to prioritize work
The ability to be a strong team player and working well with others
Demonstrable personal interest in computing, security, and digital communications
Travel up to 10% (While 10% of travel is a requirement of the role, due to COVID-19, non-essential travel has been suspended until further notice)
Limited sponsorship may be available
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.