Coalition

Senior Incident Response Analyst

Coalition

Remote job description

About Us

Coalition is the leading provider of cyber insurance and security, combining comprehensive insurance and proactive cybersecurity tools to help organizations be resilient to cyber attacks. Cyber losses cost the global economy upwards of $1.5 trillion each year, and yet the majority of businesses are under-insured and under-prepared to manage and mitigate the risks of an increasingly digital world. Coalition is addressing this gap by providing no-cost cybersecurity tools to prevent losses, security and incident response services to contain them, and comprehensive insurance to help organizations recover from failures and breaches. We serve over 42,000 customers, ranging from small and midsize businesses to Fortune 500 companies.

Founded in 2017, Coalition has raised $300M from leading global technology investors, including Index Ventures, General Atlantic, Ribbit Capital, Vy Capital, Hillhouse Capital, and Valor Equity Partners, among others. Headquartered in San Francisco, Coalition's team is global with employees based across the United States, Canada, the United Kingdom, Switzerland, and Portugal.

Responsibilities

  • Work under the direction of IR lead and outside counsel to conduct IR investigations.
  • Fulfill client requests and resolve incidents received via e-mail or internal ticketing systems in a timely and detail-oriented manner.
  • Manage all client interactions professionally with a strong emphasis on client satisfaction.
  • Analyze and assess security incidents and escalate to appropriate internal teams for additional assistance.
  • Triage and scope incidents for prospective clients to understand the DFIR objectives and magnitude of effort involved to satisfy objectives.
  • Provide strategic, relevant, and achievable recommendations to help advance the security posture of organizations during and after an incident.
  • Communicate effectively with clients (executives and IT) on the topics of incident type, remediation, forensics and analysis.
  • Perform host and network-based forensics across Windows, Mac, and Linux platforms as well as cloud environments.
  • Deliver high-quality written and verbal reports, recommendations, and findings to key stakeholders including clients and legal counsel.
  • Participate in, or work directly on additional projects, assignments, or initiatives as required.
  • Mentor and coach team members and work effectively as part of team unit.
  • Develop, evaluate and utilize novel methods to hunt for indicators of compromise and perform analysis across large sets of data.
  • Assist in the development of internal guidelines, playbooks and knowledge base.
  • Demonstrate industry thought leadership through blog posts and occasional public speaking events.

Requirements

  • 3-5 years of professional experience (2 years directly related to IR or functional area) or equivalent combination of education and experience.
  • Working as part of a team in a remote matrixed consulting environment.
  • Incident Response: conducting or managing IR investigations for organizations, responding to opportunistic and targeted threats such as BECs, FTFs, ransomware, and APTs.
  • Digital Forensic Analysis: a background in using different forensic analysis tools in incident response investigations to determine the extent and scope of compromise and possessing creativity and logic in approaching complex forensic problems.
  • Incident Remediation: strong knowledge of opportunistic and targeted attacks and ability to generate customized strategic and tactical remediation plans for clients.
  • Network Forensic Analysis: strong knowledge of networking protocols, network analysis tools, and ability to perform analysis of associated network logs.
  • SOC and EDR: experience with EDR solutions and leveraging detections and analytics to mitigate threats appropriately.
  • Possessing an understanding of secure network architecture and a strong knowledge of networking fundamentals.
  • Cloud Incident Response: knowledge in AWS, Azure, GCP incident response strategies.

Additional Requirements

  • Excellent problem-solving skills with the ability to diagnose and troubleshoot technical issues.
  • Customer-oriented with a strong interest in client satisfaction.
  • Ability to learn new technologies and concepts quickly, and comfort in using command-line interfaces.
  • Capable of leading teams of highly motivated analysts.
  • Ability to communicate highly technical information to a non-technical audience.
  • Ability to handle and work with clients through high stress situations.
  • Proficiency in project management.
  • Ability to foster a positive work environment and attitude.
  • Ability to be flexible with work schedule in times of urgent response needs.
  • Ability to contribute to thought leadership within the DFIR industry.

Preferred Qualifications

  • Bachelor's degree in digital forensics, cybersecurity, computer science, information systems, or similar field
  • GCIH, GCIA, GCFA, GCFE, ACE, EnCE, CFCE, CISSP, or similar

Why Coalition?

Our goal is to harness the power of technology with the safety of insurance, to provide the first holistic solution to cyber risk. Coalition's culture is one that strongly values humility, authenticity, and diversity. We want to work with people of different backgrounds and different paths in life, and we trust our team members to take responsibility, share ownership and work for one another. We are always looking for collaborative, inquisitive and dedicated individuals to join our team.

Recent press releases:

https://www.coalitioninc.com/announcements/Coalition-Raises-$175M-to-Build-the-Future-of-Commercial-Insurance

Coalition is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Summary
Coalition
Senior Incident Response Analyst

Share or copy

Job alerts