Principal Cyber Security Incident Handler / DFIR
Posted Today by 1766129560
Negotiable
Outside
Remote
USA
Summary: A leading healthcare company is looking for a Principal Cyber Security Incident Handler to leverage incident response and forensic skills in addressing security breaches. The role involves evaluating malicious activity, identifying attack vectors, and recommending mitigation strategies to minimize impacts on business and medical services. This position is fully remote, with candidates required to reside in specific states. It is a 12-month contract with potential for full-time conversion or extension.
Key Responsibilities:
- Utilize incident response, investigative, and forensics skills to respond to security breaches.
- Implement containment measures and investigate impacts of security incidents.
- Evaluate artifacts for malicious activity and identify attack vectors.
- Perform root cause analysis (RCA) and recommend mitigation strategies.
- Provide chain of custody service for criminal investigations.
- Minimize the impact on business and medical services.
Key Skills:
- 10+ years of cyber security digital forensics experience.
- Expertise in security controls such as EDR, forensics tools, and SIEM.
- Strong understanding of malware and attacker techniques.
- Ability to perform deep-dive analysis to determine root cause and full impact of incidents.
- Strong communication and documentation skills.
- Ability to respond quickly.
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
A leading healthcare company is seeking a Principal Cyber Security Incident Handler to join their dynamic team. You will be responsible for utilizing incident response, investigative and forensics skills to respond to security breaches, implement containment measures, and investigate impacts. You'll use forensic best practices and provide chain of custody service for criminal investigations involving issues such as fraud, employee situations, etc. You'll evaluate artifacts for malicious activity, identify attack vectors, exploit methods, perform RCA and recommend mitigation strategies, and help minimize the impact on business and medical services.
This role is 100% Remote but candidates must reside in California, Oregon, Washington, Colorado, Georgia, Virginia, Maryland, or Washington DC.
This is a 12 month contract with opportunity for full time conversion or contract extension.
Required Skills & Experience- 10+ years of cyber security digital forensics
- Expertise in security controls such as EDR, forensics tools, intrusion prevention, authentication, data collection and analysis, and SIEM
- Strong understanding of malware and attacker techniques
- Ability to perform deep-dive analysis to determine root cause and full impact of incidents
- Strong communication and documentation skills
- Ability to respond quickly