Sr. Consultant – Threat Incident Management | Remote, USA at Optiv – Overland Park, KS

This position is fully remote and can be hired anywhere in the continental US.

We are seeking a highly experienced and skilled Senior Incident Response (IR) Consultant to lead complex digital investigations, whilst maintaining a strong business focus and exceeding client expectations. This role requires a strategic thinker who can work both independently and as a team leader to handle advanced cyber incidents including Zero Day Exploitation, Business Email Compromise, Unauthorized Access, Sensitive Data Exposure, Insider Threat, Malware Analysis and Threat Hunting.

Who we are looking for

  • Lead and mentor a team of IR consultants, provide guidance on complex investigations and stimulate their professional development

  • Develop and implement advanced incident response strategies for enterprise-level organizations

  • Perform in-depth analysis of complex attacks and synthesize multiple findings to identify advanced threat patterns

  • Lead the development and continuous improvement of IR practice through industry contributions and innovative approaches

  • Act as an expert in a particular area, advising C-level executives on critical security issues and risk mitigation strategies

  • Encourage the development of new tools and automation processes to improve the efficiency of IR operations

  • Ability to combine multiple separate findings to identify complex attacks and incidents

  • Ability to manually collect relevant data sources during an incident.

  • Ability to identify, describe and report threat vectors and forensic artifacts

How you will make an impact

  • Bachelor’s degree in information security, computer science, management information systems, or a related field.

  • Over 8 years of experience in incident response, with proven experience handling enterprise-level security incidents.

  • Previous experience in incident response, including experience with containment and isolation, forensics, root cause analysis and/or elimination and recovery at enterprise-level organizations.

  • Demonstrable leadership experience in managing IR teams and complex projects.

  • Strong programming and scripting skills for developing advanced security tools.

  • Excellent communication skills, with the ability to convey complex technical concepts to both technical and non-technical audiences, including management.

  • Ability to travel to customer locations 25-40% of the time.

  • This position requires 24/7/365 on-site responsiveness and willingness to work evenings, nights, and weekends/holidays.

  • Knowledge of commercial and open-source security tools is required (EnCase, FTK, X-Ways, Splunk, ELK, EZ Tools, etc.).

  • Knowledge of Endpoint Detection and Response (EDR) products such as SentinelOne, Carbon Black, CrowdStrike, etc.

  • Passion for creating tools and automation to make common tasks more efficient.

  • Knowledge of programming and scripting for the development of security tools is a plus.

  • Demonstrated ability to prepare comprehensive incident reports is required.

  • Must be able to deal well with customers and independently resolve difficult situations. Emphasis should be on customer satisfaction.

  • The ability to communicate complex technical security concepts to technical and non-technical audiences, including executives.

  • The ability to work independently as well as in a team is required.

  • Willingness to collaborate and share knowledge with team members is required.

  • Demonstrated ability to review and revise reports from colleagues is required.

  • Demonstrated effective time management skills, the ability to handle multiple projects simultaneously, and the ability to handle large and complex projects with little to no supervision.


What you can expect from Optiv

  • A company committed to diversity, equity and inclusion through our Employee Resource Groups.
  • Work/life balance
  • Professional Training Resources
  • Creative problem solving and the ability to tackle unique, complex projects
  • Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage in their teams and communities.
  • The ability and technology needed to work productively remotely/from home (if applicable)

EEO Statement

Optiv is an Equal Opportunity Employer (EEO). All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability status, veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information via this page or by applying for a job with Optiv, you acknowledge that Optiv will collect, use and process your information, which may include personal data and sensitive personal data, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal data in the application process, please see our Applicant Privacy Notice. If you sign up to receive job alerts, you may unsubscribe at any time.
