• Communicate and collaborate with internal and customer teams to investigate and contain incidents for all escalated security events and investigations.
• Perform technical cyber security investigations on security incidents, root cause analysis, recommend and mitigate the effects caused by an incident.
• Work through client-facing incident response engagements, examine cloud, endpoint, and network based sources of evidence.
• Schedule and lead video calls for collaboration and discussions with clients.
• Recognize Tools, Tactics, and Procedures (TTPs) and Indicators of Compromise (IOC) that can be applied to current and future investigations.
• Build scripts, tools, or methodologies to enhance Binary Defense’s incident investigation processes.
• Assist in creating and revising all standard operating procedures, policies, processes, playbooks, technical reports.
• Develop and present comprehensive and accurate reports, trainings, and presentations for both technical and executive audiences.
• Maintains knowledge and skill set by attending educational workshops or conferences, reviewing publications, writing blog posts, and potentially speaking at conferences or other events.
• Stays up to date on the latest threats, counter measures, and regulations that may affect Binary Defense.
• Ability to write technical documents.
• Ability to work in a fast-paced and collaborative environment.
• Ability to work remotely, with or without others, receive direction, and be a self-starter that takes initiative.

Required Qualifications

​

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, a related field, or equivalent practical experience.
• Certified in one or more of the following: GCIH, GCFE, GCFA, GREM, GNFA
• 5+ of experience with investigations in network forensics, host forensics, memory forensics, reverse malware engineering, threat intelligence, and enterprise security architecture. Platforms should be Windows, MacOS, or Linux.
• 2+ years of experience leading incident response investigations, analysis, containment, and remediation actions.
• 1+ years of leadership experience within a SOC or leading IR teams
• SME in multiple cyber security technologies, including firewalls, IDS/IPS, network access control, email and web security, digital forensics, endpoint detection and response, vulnerability scanning and analysis, SIEM, and SOAR technologies.
• Strong experience using SIFT workstation and other digital forensics tools.
• Demonstrated knowledge and experience with Lockheed Martin’s Cyber Kill Chain and the MITRE ATT&CK Framework
• Ability to communicate investigative findings and strategies to technical staff, executive leadership, internal and external clients, and legal counsel.
• Effective time management skills to balance time among multiple tasks and mentor junior staff as needed.
• Strong analytical and problem-solving skills.
• Willingness to learn and continually improve skills to ensure, not only continued success of the business and its objectives, but continued success of its customers, as well.
• Must be a US Citizen and reside in the continental US.

​

Preferred Qualifications

​

• Master’s degree in Cybersecurity, Computer Science, Information Systems, a related field, or equivalent practical experience.
• Python, PowerShell, bash and other scripting languages is preferred.
• 5+ years experience working within a security operations center
• Ability to lead clients in strategic conversations with strong executive presense.
• Experience in Cloud incident response
• Experience working within 1 or more SOAR platforms preferred.

Binary Defense offers competitive medical, dental and vision coverage for employees and dependents, a 401k match which vests every payroll, a flexible and remote friendly work environment, as well as training opportunities to expand your skill set (to name a few!). If you’re interested in joining a growing team with great perks, we encourage you to apply!