Coalition

Incident Response Lead

Apply Now

🌎

Any location, Australia

7h ago

👀 1 views

📥 0 clicked apply

Job Description

Remote

About us

Coalition is the world's first Active Insurance provider designed to help prevent digital risk before it strikes. Founded in 2017, Coalition combines broad insurance coverage with a digital risk assessment and continuous security monitoring to help organizations protect themselves in today’s hyper-connected world.

Opportunities to make an impact with bold thinking are real - and happening daily.

Responsibilities

Drive incident response engagements to guide our customers through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations.
Coordinate and guide incident response assistance from team members and vendors
Investigate customer data breaches and malicious activity leveraging forensics tools; analyze Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs); examine firewall, web, database, and other log sources to identify evidence of malicious activity.
Provide case reporting as required across internal and external audiences with the appropriate technical level of detail for threat researchers and/or business customers.
Evaluate customer security programs, technologies, controls, and business environments; recommend and develop enhancements.
Provide recommendations on solutions to help customers navigate information security risk.
Track emerging security practices and contribute to building internal processes, and our various products.
Stay abreast of the current regulatory environment, industry trends and related implications.

Skills and Qualifications

Bachelor’s Degree in Computer Science, Information Security, Engineering, or other relevant subjects.
5+ years of incident response or digital forensics experience.
Demonstrated practiced knowledge of the lifecycle of network threats, attacks, attack vectors, and methods of exploitation with a knowledge of intrusion set tactics, techniques, and procedures.
Knowledge of TCP/IP Protocols, network assessment and network/security applications, including log and network traffic capture assessment.
Experience with Velociraptor, Axiom, FTK, SIFT, Volatility, ELK, WireShark, Plaso, Skadi or other open source forensic/log analysis/network assessment tools.
Experience with EDR tools like CrowdStrike Falcon, Carbon Black, Sentinel One, etc.
Knowledge of industry standard frameworks – NIST, HIPAA, PCI.
Self-motivated; entrepreneurial spirit; comfortable working in a dynamic environment.
Strong interactive communication skills (verbal & written).
Aptitude to learn technical concepts/terms, and aptitude to guide multiple tasks/projects simultaneously.
Experience deploying tools to AWS and familiarity using Cloud based platform for assessment.

Additional Skills and Qualifications

Excellent critical thinking skills with the experience to diagnose and troubleshoot technical issues
Customer oriented with a strong interest in consumer satisfaction
Experience to learn new technologies and concepts and comfortable using command-line interfaces
Experience guiding teams of highly motivated analysts
Communicate highly technical information to a non-technical audience
Experience to handle and work with consumers through high priority scenarios
Knowledge in project management
Foster a positive work environment and attitude
Flexibility with your work schedule in times of urgent response needs
Contribute to thought guidance within the DFIR industry

Bonus Points

GCIH, GCIA, GCFA, GCFE, ACE, EnCE, CFCE, CISSP, or similar
Security policy, governance, privacy or regulatory experience (e.g., NIST, ISO, HIPAA, PCI).
Securing cloud based platforms (Microsoft Azure, Amazon AWS, etc.).
Experience with system hardening procedures for Windows, Linux, Unix is helpful. Knowledge and/or experience with Nmap, Nessus, Nexpose, Qualys, Burp, Kali, Metasploit, Meterpreter, or other offensive tools is helpful.
Knowledge of scripting for development of security tools and industry frameworks is helpful.
SCADA/Control systems network experience is a plus.

Perks

100% medical coverage, including out-patient and emergency care
20+ paid holidays
12% employer pension contribution
Annual home office stipend
Mental & physical health wellness programs
Competitive compensation and opportunity for advancement

Why Coalition?

We’re a remote-first, mission-driven team committed to building a more inclusive culture with people of all different backgrounds. We trust our team members to take responsibility, share ownership, and put in the work to help us in our pursuit to solve digital risk.

Coalition’s exceptional growth stems from its ability to address real-world problems for organizations of all sizes and remain true to our founding values of character, humility, responsibility, purpose, authenticity, and inclusion.

We’re always looking for collaborative, inquisitive individuals to join #OurCoalition.

Visit our Newsroom >

Privacy Notice

Coalition is committed to protecting your privacy and handling your personal information responsibly. We collect, use, and store personal information as necessary for the recruitment process and in compliance with applicable privacy laws and regulations in all regions where we operate. We want you to understand what personal information we collect, how we use it, and your rights regarding access, correction, and deletion of your data where applicable. Information submitted, collected, and processed as part of your application is subject to Coalition's Privacy Policy. For further details, please review our full Privacy Policy or contact us with any questions regarding how your information is handled.

Our Privacy Policy >

Anti-Discrimination Notice

Coalition is proud to be an Equal Opportunity employer. Our policy is to provide equal employment opportunities to all individuals, without discrimination or harassment on the basis of any characteristic protected by applicable laws in each country where we operate. This commitment includes, but is not limited to, ensuring equal treatment in recruitment, selection, training, promotion, transfer, compensation, and all other aspects of employment. Coalition does not tolerate discrimination or harassment of any kind, and we are dedicated to fostering an inclusive and supportive workplace.

Accommodations

Coalition is committed to providing reasonable accommodations to qualified individuals with disabilities, including applicants and employees, in accordance with applicable laws and regulations in each country where we operate. Our policy is to support equal opportunity in the hiring process by considering qualified applicants regardless of disability or other protected characteristics, unless providing accommodation would impose an undue hardship or disproportionate burden. If you require accommodation to complete an application, interview, pre-employment testing, or participate in the selection process, please contact us at candidateaccommodations@coalitioninc.com. We also consider all qualified applicants, including those with criminal histories, in line with applicable laws and regulations in each jurisdiction.

To all recruitment agencies: Coalition does not accept unsolicited agency resumes. Do not forward resumes to our email alias, employees, or other physical or virtual organization locations. Coalition is not responsible for any fees related to unsolicited resumes.