Title: Consultant – Incident Response
Work Location: Remote
Travel: As needed (no more than 20%)
Since 2009, Kivu has provided incident response, risk management, and forensics investigation services to clients around the globe. Kivu is well known in the cyber security industry for our high level of technical expertise and legally sound, practical business solutions. We are a leading provider of incident response and digital forensic services to the cyber insurance community in North America and Europe.
Job Description:
Kivu's Incident Response team is seeking Consultants with a deep understanding of both existing and emerging threat actors. Kivu's Consultants identify the changing tools, tactics, and procedures of attackers. Our consultants must work through an incident's overall context, understand attacker behaviors, manage client-facing projects, and mentor other security consultants. Kivu's Consultants possess sound business acumen to assess the client's need to recover from the event and then use strong consulting and technical skills to lead multiple projects to deliver the right solution.
Required Knowledge, Skills, Abilities:
- 3+ years of comparable experience in incident response, security operations, or similar
Experience with at least three of the following:
- Windows disk and memory forensics
- Network traffic analysis and log analysis
- Linux disk analysis
- Memory/Volatile evidence forensics
- Thorough understanding of enterprise security controls in Active Directory/Windows environments
- Strong communications skills, both verbal and written, to communicate investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients.
- Cloud services such as Azure, AWS and GCP
- Effectively develop documentation and explain technical details in a concise, understandable manner
- Strong time management skills to balance time among multiple tasks and lead junior staff when required.
- Must be able to work in the US without sponsorship.
Responsibilities and Duties:
- Conduct host forensics, network forensics, and malware triage in support of incident response investigations.
- Including firewall, web, database, and other log sources to identify evidence of malicious activity and data compromise.
- Windows, Linux, and macOS analysis.
- Utilize Kivu technology and available forensic tools to conduct investigations of all scales.
- Provide support to senior team members to guide security incidents and forensic investigations for clients.
- Recognize and collect attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations.
- Develop and present comprehensive and accurate reports and presentations for both technical and executive audiences.
Equipment Used:
All equipment required to perform duties and tasks was previously described.
Physical / Environmental Factors:
The physical demands are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Kivu Consulting considers applicants for all positions without regard to race, color, national origin, age, religion, sex, marital status, veteran or military status, disability, or any other legally protected status. Kivu Consulting is an Equal Opportunity Employer.
Benefits:
- Flexible PTO
- Medical, Dental, and Vision
- 401k
- Remote Work