Incident Response Senior Consultant - SpiderLabs
Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.
SpiderLabs is Trustwave’s advanced security team focused on penetration testing, application security and incident response.
The role will include delivering incident response services across the full breadth of SpiderLabs’ service portfolio. It is a unique opportunity to be a part of a talented, global team, and to work on a diverse and very interesting set of projects.
These projects include infrastructure penetration testing, both internal and external, application security and incident response services.
Initially, the role will focus on incident response, specifically in the payment card space. The role will report to the Director of Incident Response and will require that the successful applicant work well independently.
The ideal applicant will have experience in both incident response and penetration testing.
Applicants with at least two years of commercial penetration testing experience or two years of commercial incident response and computer forensics experience will be considered.
Applicants with experience in only one field must be able to show an interest and the ability to quickly learn the skills of the other discipline.
Demonstrable experience with independently managing the delivery of projects is also a must.
Forensics (required to have experience w/some of the following)
- Excellent working knowledge of EnCase, as well as open source alternatives.
- Experience in payment card forensics (under the PCI PFI program) very desirable, but not required.
- Experience with scripting in Perl/Python/Ruby very desirable, but not required.
- Experience with both desktop-based and server-based forensics.
- Experience with compromises involving web applications. Reverse engineering skills very desirable, but not required.
Penetration Testing (strongly desired)
- Excellent working knowledge of computer networks and their vulnerabilities.
- Excellent working knowledge of layer-two networking issues.
- Excellent operating system knowledge in Windows-based and Unix-based systems.
- Knowledge of and demonstrable experience with a wide range of different attack tools.
- Application testing skills are considered a bonus, but are not a requirement
- Strong report writing skills
- Strong communications skills
- Ability to travel (primarily domestically)
- Ability to work independently and communicate with clients.
- Ability to identify potential new business opportunities within the client base.
We prefer college-educated applicants, but at minimum, high school diploma or equivalent is required for employment.
Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.
To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.
Back to top