Incident Response Training Consultant

When you join Verizon

Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

Are you naturally curious about complex topics that others shy away from? Are you an innovator that is ready to become a pioneer in the information security community? Then look no further! The Verizon Threat Research Advisory Center (VTRAC) consults multinational corporations and government agencies regarding their cybersecurity posture, as well as advising executive leadership teams, advisory boards, and boards of directors through cybersecurity incidents and strategic planning. As a member of this world-class team of consultants located across the Americas, EMEA, and APAC you will be a part of a group that leads thousands of cybersecurity investigations and other proactive engagements while annually authoring the industry-leading Data Breach Investigations Report and Data Breach Digest going back to their inception in 2008.

• Working as lead support for all retainer customers by revising training curriculums, creating training materials, maintaining customer communication and delivering training curriculum.
• Working remotely (with occasional travel) in the continental U.S. as an integral part of a global response team.
• Leading and supporting complex engagements with a variety of clients across a wide range of business silos.
• Leveraging diverse methodologies to investigate cybersecurity incidents, which may include ongoing breach investigations, privacy issues, and non-compliance matters in order to provide an impact assessment and remediation recommendations to clients.
• Producing high-quality oral and written work products to present complex technical matters, clearly and concisely, to a variety of stakeholders.

Where you'll be working...

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

What we’re looking for...

You’ll need to have:

• Bachelor’s degree or four or more years of work experience.
• Four or more years of relevant work experience.
• Four years of relevant digital forensic, cyber intrusion and incident response work experience, or similar.
• Willingness to travel, sometimes with intermittent periods of significant travel, evening and weekend hours.
• A valid driver’s license.

Even better if you have one or more of the following:

• A Bachelor’s degree from an accredited university.
• Ability to function in a dynamic environment, managing multiple priorities and deadlines.
• Ability to make recommendations to remediate complex security threats.
• Ability to synthesize data from multiple sources and present concise, relevant information to a non-technical audiences.
• Excellent communication skills with the ability to present to a variety of audiences.
• Ability to set and manage competing expectations and priorities with technical and senior stake-holders.
• Well-developed analytic, qualitative and quantitative reasoning skills.
• Demonstrated creative problem-solving abilities and ability to share knowledge with colleagues.
• One or more technical certifications in areas such as incident handling, forensic analysis, reverse malware engineering or forensic tool-specific training.
• Experience with any of the following areas: developing and managing incident response programs, network infrastructure and communication protocols, packet capture and TCP/UDP traffic flow analysis, system and network log analysis, programing or scripting languages (such as e.g., Python, PowerShell, etc.) in an incident handling environment.
• Advanced understanding of computer exploitation methodologies, current information security solutions and technologies, including network and host based products, Implementing NIST information security guidelines.
• Experience using forensic tools such as EnCase, FTK, Sleuth Kit, Volatility, Axiom, Cellebrite, Black Light, X-Ways, or similar.
• Experience with SIEM, EDR, IDS, and DLP technologies.
• Experience with memory and volatile data analysis.
• Knowledge in enterprise cloud infrastructure (e.g., AWS, G-Suite, O365, Azure).
• Knowledge of command line tooling (e.g., grep, sed, awk, powershell).
• Experience conducting security assessments, penetration testing, or ethical hacking.
• The ability to manage day-to-day aspects of privileged and confidential customer relationships.
• The ability to manage remote engagements with a variety of remote communication methods (e.g., video conferencing, telephonically, chat based platforms).
• Interest in authoring industry thought articles on technical and non-technical topics.
• Law enforcement, military intelligence, investigative or professional security services background preferred, but not required.

22CyberVES 22CyberOPS

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.

COVID-19 Vaccination Requirement

NYC candidates: Verizon requires new hires to be fully vaccinated against COVID-19 for onsite and hybrid NYC roles. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical or religious reasons). Additional information will be provided during the hiring process.