Engagement Manager - DFIR & OSD

About SecurityScorecard:

Why join SecurityScorecard’s Professional Services Team?

The SecurityScorecard Professional Services team has a mission to advise customers on how to make their organizations safer. We provide specific direction with our cyber resiliency services, driven by our superior cybersecurity data, best practices and front-line lessons learned. We provide value by showing you where you are vulnerable, how to fix it and what is important to do first. Our services teams are cybersecurity thought leaders. We are a proactive Professional Services team that is customer centric, uses a team approach and represents the voice of the customer every day.

The team recently expanded with the acquisition of LIFARS, a global leader in Incident Response, Digital Forensics, Penetration Testing and Ransomware Mitigation. 

Whom are we looking for?

The Engagement Manager - Digital Forensics, Incident Response (DFIR) & Offensive Security (OSD) will respond and triage incident response engagements to determine the level of response that is required to stabilize the environment, initiate a plan for network restoration and/or recovery, as well as the collection of forensics data. The information collected will also serve as a vital input to the creation of statements of work.

Responsibilities

The Engagement Manager works with a team of experts with diverse skill sets including blue team, red team, forensics, application development and ones with advanced technical skill sets in networking, servers, cloud and more. The Engagement Manager is specifically tasked to manage all aspects of an Incident Response engagement that may include:

• Supervising team members assigned to an incident.
• Ensuring such efforts as validation, monitoring, containment, log analysis, system forensic analysis and reporting.
• Building and maintaining the relationship with the client, client’s counsel and other third parties involved and to ensure the engagement's objectives and expectations are met and executed successfully as documented in the statements of work.
• Supporting and providing direction to a team of security professionals that are responsible for such activities as monitoring, assessing, and reporting.
• Ensuring the needs of the Forensics team has the information and evidential artifacts required to perform their work.
• Leveraging strong verbal and written communication skills to ensure all parties involved in an incident situation receive timely and accurate information.
• Sourcing and coordination of third parties to assist in the incident.
• Monitoring the situation for changes in the client’s expectations.
• Fielding questions from the client relating to the case that may require responses from others such as adjusters, attorneys, public relations professionals, and others.
• Assisting the Client with inquiries from third parties related to the Client.
• Ensuring software tools are deployed completely and in a timely situation, as well as ensuring those tools are removed in a timely fashion.

Requirements/Qualifications:

• Ability to collect and verify technical information relating to a client’s computing environment.
• Ability to oversee and coordinate a team ranging from 1-10 professionals.
• Ability to ensure that meetings are properly scheduled and conducted.
• Ability to facilitate productive conversations amongst the parties involved in an incident situation.
• Ability to negotiate with unknown third parties towards a successful outcome in a cyber extortion situation, when needed.
• Ability to ensure that extortion payments are made with compliance with company policies, insurance policies, regulations, laws and other legal advice. Additionally, these payments are made following the processes and procedures set forth by SecurityScorecard.
• Ability to communicate effectively verbally and in written form, including ensuring the right information goes to the right parties.
• An understanding of the legal process that is required for an incident situation.
• Ability to work with law enforcement properly and effectively, as well as maintain a positive and productive relationship with law enforcement agencies.
• Ability to learn and modify process, actions and behaviors as situations change and as the incident climate changes.
• Ability to make own travel arrangements if the travel is required.
• Ability to keep track of hours, costs and other relevant information required of an incident.
• Ability to properly record time, document incident details and report on status.

Benefits

We offer a competitive salary, stock options, a comprehensive benefits package, including health and dental insurance, unlimited PTO, parental leave, tuition reimbursements, and much more!

SecurityScorecard embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skillsets, ideas, and perspectives. We make hiring decisions based upon merit and do not discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.