Cyber Investigator - CYDERES (Fishtech Group) Kansas City, MO, USA Bookmark Share Print 1175 2 24

Listing Description

Fishtech is a security company for the digital era. Headquartered in Martin City, we were just awarded “Kansas City’s Coolest Office Space” by the KC Business Journal. Fishtech is incubating a Cyber Defense and Response solution offering: CYDERES. Fishtech CYDERES is a Security-as-a-Service offering that can normalize and correlate multiple types of telemetry, leveraging intelligent machine learning to create consistency and enable automated outcomes via orchestration.

CYDERES is looking for a dedicated, creative, and experienced cyber security professional to join our Investigations team. This candidate should have a deep understanding of how networks, endpoints and servers interoperate inside a corporate IT or cloud environment. Prior experience with Digital Forensics and Incident Response (DFIR), malware analysis, and curating and managing intrusion sets through deeper security research is a must. Candidates will need to have a customer-first attitude and be comfortable interacting with a number of different stakeholders both internal to CYDERES and external-facing to customers.

Fishtech has an immediate interest in expanding our Investigations capability that serve as an escalation point for our Security Analysts, customers, and be informative for community peers through occasional publications, conference talks, and trust group involvement. This is a great opportunity for someone who is seeking to solve customers cyber security problems in a great environment with an exceptional team. We have a heavy focus on empowering our employees to make great decisions by collecting rich datasets from customer environments. Critical thinking, passion, and an attitude for growth are essential to the success of this position.

Essential Functions:

1. Monitor various feeds for emerging threats, curate indicators, and streamline dissemination

2. Analyze and respond to security events to drive desired customer outcomes

3. Provide deep technical expertise to enable internal and external customers at all levels

4. Provide guidance for improvements in platform and internal process

5. Perform digital forensics, incident response, and reasonable security research functions

6. Other duties as assigned

Requirements

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for their job. Duties, responsibilities, and activities may change at any time with or without notice. Other duties may include:

Position Type/Expected Hours of Work:

This is a full-time position. Days and hours of work are generally Monday through Friday, 8:30 a.m. to 5 p.m. Depending on the needs of the customer, these hours may vary.

Required Education and Experience:

1. 3 or more years of progressing/in-depth cyber security experience

2. Advanced understanding of networking concepts and ability to analyze network artifacts

3. Understanding of endpoint detection and response software

4. System administration experience: Windows, macOS, and Linux/Unix

5. Advanced scripting or development experience in one of the following languages: Python, JavaScript, Powershell, bash, etc.

6. Advanced-level understanding of business risk and how to properly advise a customer through critical, and failing, situations

7. Reasonable understanding of the various threat communities and specific intrusion sets

8. Proficiency with forensics processes and tools

Preferred Skills:

1. Scripting or development experience (Python, Javascript)

2. Experience with log management platforms (Splunk, Elastic search/Logstash/Kibana - ELK / Elastic Stack)

3. Cloud environments and Technologies (AWS, Azure, GCP; O365, Proofpoint)

4. Experience in Orchestration and Automation Platforms (Demisto, Phantom, Hexadite)Monitor various feeds for emerging threats, curate indicators, and streamline dissemination

Analyze and respond to security events to drive desired customer outcomes

Provide deep technical expertise to enable internal and external customers at all levels

Provide guidance for improvements in platform and internal process

Perform digital forensics, incident response, and reasonable security research functions

Other duties as assigned