Senior ICS/OT Incident Response Consultant

Dragos

Saudi Arabia · Sterling, VA, USA · Remote
Posted on Oct 10, 2024
Overview

Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization: running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We’re a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We’re looking for mission-oriented teammates who embody our core values of authenticity, transparency and trust. Are you ready to make a difference? Come join a mission that can save the world!

About the role:

As an Incident Response Consultant, you will be on the forefront of safeguarding Dragos customers throughout EMEA by leading incident response efforts in the region. In addition, you will participate in proactive engagements including compromise assessments, architecture reviews and tabletop exercises with the goal of bolstering customer OT security posture. This role has high impact and is crucial to the success of our mission!

Location: Remote (Saudi Arabia)


Responsibilities

  • Collaborate with teammates for Incident Response Retainer customers, including onsite and offsite activities for triage and analysis within industrial environments (covering EMEA countries).
  • Lead investigations, hunts, and day-to-day operations in industrial environments.
  • Generate playbooks and other content for customers.
  • Identify opportunities for service improvements and collaborate with internal stakeholders to support engagement objectives.
  • Provide consistent support to customers during critical crisis situations.
  • Serve as incident commander or incident strike team/taskforce lead, offering ad-hoc guidance and training as needed.
  • Design and execute Tabletop Exercises (TTXs), prepare and execute Incident Response Planning workshops, and assist in assessments, architecture reviews, and other service engagements as needed.
  • Participate in the Dragos IR on call rotation.

Qualifications

  • Minimum of 4 years of hands-on experience in digital forensics, with expertise in at least two of the fields of network, memory, or disk (emphasis on methodology over specific tools).
  • 2 or more years of hands-on experience in an industrial vertical (e.g., Oil and Gas, Electric, Manufacturing).
  • Proven skills in intrusion analysis and the ability to lead investigations from start to finish, including correlating events and pivoting between data types.
  • A strong desire to learn about industrial environments, including software platforms, PLCs, RTUs, and instrumentation (prior experience being highly desirable).
  • Experience hunting and identifying malicious activity, with hands-on knowledge of handling communications during incidents.
  • Technical proficiency in using Windows and Linux operating systems, as well as in-depth knowledge of networking concepts (TCP/IP, Ethernet, etc.) and the configuration and rule creation for common security tools (e.g., Wireshark, Snort/Suricata, Zeek, Yara, Sigma).
  • Excellent social, verbal, and written communication skills, demonstrating the ability to work effectively with customers and share on-call responsibilities, including non-standard hours, unplanned remote and onsite response efforts.
  • Prior cybersecurity consulting experience.
  • Willingness to travel up to 50% to support customer engagements throughout EMEA.

Compensation

  • Salary: 462,462 SAR
  • Competitive Equity Package
  • Comprehensive Benefits Plan

Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.
