Forensic and Incident Response Lead
The Judge Group Inc.

Houston, Texas

Posted in IT
16 days ago

Job Info

Location: Houston, TX
Description: Our client is currently seeking a Forensic and Incident Response Lead

This job will have the following responsibilities:

  • Work across SOC, Cyber Threat Intelligence, Red Team, Engineering Team and others to bring together a holistic view of incidents
  • Conduct investigations on high-priority incidents to include functions such as host (disk and memory) forensics, network forensics and log analysis
  • Conduct advanced threat hunting by using threat intelligence and the MITRE ATT&CK framework to proactively identify suspicious activity in the environment
  • Support insider threat investigations through the use of innovative techniques and use cases
  • When not actively responding to incidents, other key items within the role include: development of documentation and processes such as playbooks, refining your skills through training opportunities and identifying and enhancing the capabilities of the team by developing opportunities for automation (i.e. custom scripts and tool integration)
  • You will lead and coordinate the response to digital security incidents through the initial triage phase and provide support to business and IT teams as they work to close identified gaps.
  • This involves ensuring that threats are contained in a timely way to minimize the risk to information assets, data and services.
  • You will also participate in post-incident reviews assessing the effectiveness of controls, monitoring and responses to maximize lessons learnt and improve cyber resilience.

Qualifications & Requirements:

  • Experience with attacker tactics, techniques and procedures (TTPs)
  • Knowledge of both Windows and Linux operating systems in regard to host-based forensics and analysis
  • Knowledge of cloud platforms such as AWS and Azure
  • Experience with many different types of log sources such as firewall, web and database to identify evidence, trends, patterns and artifacts of anomalous activity
  • Understand network communications and protocols
  • Ability to communicate effectively and document investigative findings in a clear and concise manner
  • You'll have a degree or technical certification (SANS, Cyber Security, CISSP)
  • Alternatively, you could have at least 3 years' direct working experience
  • You will have significant relevant experience in cybersecurity, with a specialization in digital forensics and response
  • You will have advanced technical knowledge and experience of delivering security solutions. This includes providing technical advice and overseeing security processes

This job and many more are available through The Judge Group. Find us on the web at
