Senior Incident Response and Digital Forensics Consultant
The world leader in intelligence-driven information security solutions. We help organizations pursue their business goals with confidence in a digitally connected world. We are always recognized by industry analysts and attitude surveys as the world's most understandable and predictable company. We handle 250 billion security events daily for 4,400 customers in more than 55 countries, and our solutions are used at every layer of your security environment, including 330 different vendor technologies. We are a team of talented, dedicated and diverse researchers, analysts, engineers, consultants and business professionals who are committed to protecting our customers from cyber threats. Won't you become one of them? We are looking for a promising member. We will support the team by providing the tools and support needed to fight against threat actors and maintain our leadership in the cybersecurity industry.
As a unique entity that adapts to industrial development, we are also proud to be part of Dell Technologies. In addition to offering unparalleled compensation and benefits, we recognize and reward employees for their excellent results. With continuous emphasis on knowledge improvement and growth, team members are always focused on supporting their work and supporting their future work. We provide work styles that are as flexible as possible and emphasize work-life balance. We believe that when we get rewarded, recognized, and overcome difficulties, we can win as a team.
As a consultant for incident response and forensic investigation, you will carry out the following engineering, consulting, and pre-sales proposal activities.
• Investigate the scope and cause of the incidents that occurred in the customer's environment and advise how to respond in the short, medium and long term
• Conduct forensic investigations on complex incidents such as data breaches, internal fraud, and targeted attacks, and create reports based on evidence
• Evaluate incident response readiness by reviewing incident response plans
• Create and improve incident response plans through CSIRT construction support and tabletop training
• Develop new security services
Experience / ability / skills required
• More than 5 years of incident response experience and more than 2 years of multiple incident response lead experience
• Have communication skills that enable smooth coordination with customers and related parties.
• Experience with forensic tools such as EnCase, FTK, Helix, Knoppix, Slax, Sleuth Kit, SIFT, BlackLight, MacForensicsLab
• Major OS knowledge and forensic experience (Unix, Linux, Mac, Windows)
• Network communication analysis skills
• Knowledge of network, firewall, IDS, IPS
• Understand the protocols used for data sharing and communication
• Knowledge of security tools such as Snort, Nmap, Kali Linux
• Understand procedures related to data integrity and chain of custody (CoC)
• Reporting skills and presentation skills
• Ability to read and write technical documents and emails in English
• Knowledge of log monitoring services such as MSS
• Honeypot and network monitoring skills
• Smartphone / PDA forensic tool experience
• Consulting experience on forensics and information security best practices
• Pre-sales experience in incident response and forensic investigation
• Script creation skills (Perl, Python, EnScript, Bash, PowerShell, Ruby, etc.)
• Malware analysis skills
• Knowledge of laws and regulations such as HIPAA, PCI, SOX
• Those who are willing to actively challenge undeveloped technological fields
• Ability to actively collect security-related information from domestic and foreign sources
• Those who can actively transmit security-related information in Japan and overseas
• Those who are willing to absorb new technologies
• Those who are willing to work in collaboration with global technical units
• Those who can take responsibility for the work as a project leader, implement the project smoothly, and build and maintain a good relationship with the customer
• Those who, as a leader of the incident response team, can provide technical guidance to members and serve as a role model for them
Holders of the following qualifications are welcome.
• SANS related qualifications (GCIH / GCIA / GREM / GCFA / GCFE etc.)
• Forensic tool qualification (EnCE / CCE / ACE, etc.)
• Information security specialist
• Network specialist
• Other security qualifications
Career path after joining
• After joining the company, you will lead incident-related projects including incident response.
• Participate in internal and external technical training, including overseas, and conduct technical surveys to improve skills in new technical fields and play a central role in launching new services.
• We hope you will grow into a professional who can play an active role in the global field through technical cooperation with our overseas teams and joint projects across countries.
• You will be actively involved in projects not only in Japan but also in the Asia Pacific region such as Hong Kong and Taiwan.