Description:
Coalition is the world's first Active Insurance provider designed to help prevent digital risk before it strikes. Founded in 2017, Coalition combines broad insurance coverage with a digital risk assessment and continuous security monitoring to help organizations protect themselves in today’s hyper-connected world.
Opportunities to make an impact with bold thinking are real - and happening daily.
Responsibilities
- Drive incident response engagements to guide our customers through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations.
- Coordinate and guide incident response assistance from team members and vendors.
- Investigate customer data breaches and malicious activity leveraging forensics tools; analyze Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs); examine firewall, web, database, and other log sources to identify evidence of malicious activity.
- Provide case reporting as required across internal and external audiences with the appropriate technical level of detail for threat researchers and/or business customers.
- Evaluate customer security programs, technologies, controls, and business environments; recommend and develop enhancements.
- Provide recommendations on solutions to help customers navigate information security risk.
- Track emerging security practices and contribute to building internal processes and our various products.
- Stay abreast of the current regulatory environment, industry trends, and related implications.
Skills and Qualifications
- Bachelor’s Degree in Computer Science, Information Security, Engineering, or other relevant subjects.
- 5+ years of incident response or digital forensics experience.
- Demonstrated practical knowledge of the lifecycle of network threats, attacks, attack vectors, and methods of exploitation, with knowledge of intrusion set tactics, techniques, and procedures.
- Knowledge of TCP/IP Protocols, network assessment and network/security applications, including log and network traffic capture assessment.
- Experience with Velociraptor, Axiom, FTK, SIFT, Volatility, ELK, Wireshark, Plaso, Skadi, or other open source forensic, log analysis, or network assessment tools.
- Experience with EDR tools such as CrowdStrike Falcon, Carbon Black, SentinelOne, etc.
- Knowledge of industry standard frameworks (NIST, HIPAA, PCI).
- Self-motivated; entrepreneurial spirit; comfortable working in a dynamic environment.
- Strong interactive communication skills (verbal & written).
- Aptitude to learn technical concepts and terms, and aptitude to guide multiple tasks and projects simultaneously.
- Experience deploying tools to AWS and familiarity with using cloud-based platforms for assessment.