Incident Response Consultant Resume Sample
Work Experience
- Manage end to end cyber breach investigations within sophisticated F500 IT security operations
- Identify and investigate intrusions to determine the cause and extent of the breach, leveraging threat intelligence sources as needed
- Preserve and analyze data from a diverse set of digital data sources, including laptop and desktop computers, servers, networks and mobile devices
- Coordinate with customer representatives and their partners (such as law enforcement) to establish the necessary response to breaches
- Produce quality oral and written reports, presenting complex technical matters clearly and concisely
- Maintain proficiency with industry standard tools and practices
- Maintain a high level of professionalism in all areas of performance
- Develop and broaden forensic skill set through outside training and research
- Ensures that projects are scoped properly, balanced between customer requirements and Resilient’s abilities
- On-time project and its deliverables
- Mentoring and coordination of projects, customers
- Client satisfaction ratings
- Coordinate with SE, CS, PS, Project management and customers through the stages of Customer On-Boarding,
- Coordinates and ensures that client engagements, Incident Response consulting and Product Design sessions)
- Provide objective, actionable, and complete guidance that enables and improves our clients’ incident management capabilities
- Assist with Pre/Post sale NetWitness opportunities
- Build scripts, tools, or methodologies to enhance Mandiant’s incident investigation processes
- Partner with global working teams, gather the security requirements and recommend security products, services and/or procedures to enhance productivity and effectiveness
- Maintaining awareness of the client’s technology architecture, known weaknesses, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by client threat intelligence, and recent security incidents
- Information security experience, including the development and maturation of incident
- Technical communication skills (oral and written) including experience briefing executive management and desire to work with clients to solve complex security issues, including at times in crisis situations
- Experience with at least three of the following
- Technical expertise in at least three of the following areas
- Promote Dell SecureWorks by participating in external speaking engagements, writing whitepapers and blogposts, and ensuring identification of opportunities for additional support to be provided to clients
- Training and continuous coaching and mentoring to grow your technical and professional skills like no one else
Education
Professional Skills
- Experience with compromises involving web applications. Reverse engineering skills very desirable, but not required
- Domain experience in cyber-security strongly desired. Experience working in SOC and NOC environments, performing in
- Strong documentation skills, ability to write high level reports and comfortable creating documents and processes
- Strong interpersonal skills, ability to articulate complex and technical concepts, ideas, and solutions to CISOs,
- Strong security analysis skills of networking data and traffic
- Strong documentation skills, ability to write executive and technical DFIR reports
- Analytical techniques, critical thinking and problem-solving skills
How to write Incident Response Consultant Resume
The Incident Response Consultant role is responsible for security, technical, briefing, executive, crisis, clients, training, analysis, documentation, java.
To write a great resume for an incident response consultant job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Incident Response Consultant Resume
The contact information section is important in your incident response consultant resume. The recruiter has to be able to contact you ASAP if they would like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Incident Response Consultant Resume
The work experience section is an essential part of your incident response consultant resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous incident response consultant responsibilities. It's meant to present you as a well-rounded candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular incident response consultant position you're applying to.
The work experience section should be a detailed summary of your latest 3 or 4 positions.
Representative Incident Response Consultant resume experience can include:
- Strong skills in security analysis of networking data and traffic
- Demonstrable problem solving, analytical skills and attention to detail
- Application testing skills
- Understanding of at least one compliance framework, for example: ISO 27001/2, PCI DSS, COBIT
- Experience of contributing to IT Security projects and a broad understanding of protecting and monitoring enterprise IT
- Previous experience managing small teams delivering IT implementations and involving multiple software application integrators
Education on an Incident Response Consultant Resume
Make sure to make education a priority on your incident response consultant resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your incident response consultant experience. For example, if you have a Ph.D. in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Incident Response Consultant Resume
When listing skills on your incident response consultant resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume. Here is a list of typical incident response consultant skills:
- Experience briefing senior-level leadership, and conveying technical subject matter to audiences of varying backgrounds and skill levels
- Proven experience handling incidents
- Cybersecurity experience, including experience in leading medium to large scale NOC/SOC teams
- Proven experience in information security
- Strong experience with multiple forensic tools (such as EnCase, FTK, X-Ways, F-Response, Volatility, BlackLight, MacQuisition, Recon)
- Understanding of at least one compliance framework: ISO 27001/2, FISMA, PCI, HITRUST, NIST 800-series, COBIT
List of Typical Experience For an Incident Response Consultant Resume
Experience For Incident Response Senior Consultant Resume
- Experience in Incident Response, Forensics and/or Malware Analysis
- Software development experience or interest in Python or C/C++
- Experience in IT security and investigations
- Practical experience of NIST SP 800-61 or similar methodologies
- Tool agnostic with an emphasis on knowing the forensic artifacts themselves versus relying on tool output
- Network traffic and protocol analysis utilising tools such as Wireshark
- Encouragement to challenge the status quo, think creatively, and innovate – make us better
Experience For Consultant, Incident Response Resume
- Self-motivated with a knack for innovation and project success
- Willingness to travel 30% - 40% of the time
- Manage end to end incident response investigations with Accenture’s customers
- Deep technical knowledge of methods utilised for evidence collection, maintenance of chain of custody and associated documentation, evidence storage and analysis and evidentiary reporting
- Analyze PCAP data
- Work with a remote team via collaboration tools (Chat, Email, and Video Conferences)
- Work independently with substantial latitude for action and decision while maintaining focus on achieving optimal outcomes as part of a collaborative development effort
Experience For Senior Incident Response Consultant Resume
- Data Recovery, Deletion and Destruction
- Able to work independently, and get engaged in online chats with a globally distributed team
- Be able to decode base64 and write a Python script
- Knowledge of key forensic artifacts in both Windows and *nix systems. Be able to articulate their significance to an investigation
- Contributions to the DFIR community: blog, Twitter, Git repos
- Be a fast and lifelong learner
Experience For Incident Response Business Consultant Resume
- Travel (primarily domestically and Canada) approx. 25%
- Knowledge of common processor architectures such as x86, x64 and ARM
- Common web and email-based attack techniques
- Languages such as YARA, Python, PHP, PowerShell, JavaScript, Ruby, Perl, SQL, .NET and Java
- Technical threat intelligence and detection techniques. Understanding of the principles of Indicators of Compromise (IoCs) including cryptographic checksums, IDS/IPS/Firewall rule definitions, regular expressions and blacklisting
- Recognise and deal appropriately with potentially confidential and sensitive information
Experience For Principal Digital Forensics & Incident Response Consultant Resume
- Spanish level (both oral and written): Fluent
- English level (both oral and written): Fluent
- Mobile phone forensics
List of Typical Skills For an Incident Response Consultant Resume
Skills For Incident Response Senior Consultant Resume
- Experience analyzing a myriad of system and network logs using Splunk and/or ELK
- Experience with hands-on penetration testing against Windows, Unix, or web application targets
- Experience with scripting in Perl/Python/Ruby very desirable, but not required
- Several years of experience handling incidents
- Information security experience, including the development and maturation of incident
- Experience with scripting in Perl/Python/Ruby very desirable
- Experience in writing blogs and whitepapers
- Experience in payment card forensics (under the PCI PFI program) very desirable, but not required
Skills For Consultant, Incident Response Resume
- Several years of experience in information security
- Excellent working knowledge of layer-two networking issues
- Cybersecurity experience working in medium to large scale NOC/SOC teams
- Excellent reporting (written and verbal)
- Excellent working knowledge of computer networks and their vulnerabilities
- Excellent operating system knowledge in Windows-based and Unix-based systems
- Have experience with compromises involving web applications
- Good knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength
Skills For Senior Incident Response Consultant Resume
- Experience in IT Security and Investigations
- Knowledge of and demonstrable experience with a wide range of different attack tools
- Experience with forensic tools such as EnCase, X-Ways, Axiom, Carbon Black, Countertack and GRR as well as any open source tools
Skills For Incident Response Business Consultant Resume
- Experience in payment card forensics (under the PCI PFI program) desirable
- Experience performing Digital Forensics and Incident Response (DFIR) investigations on multiple operating systems: Windows, Mac and Linux
- Understanding of vulnerabilities and tools used to discover/analyse/exploit vulnerabilities (Nessus, Nmap, Metasploit)
- Understanding of at least one framework: ISO 27001/2, FISMA, PCI, HITRUST, NIST 800-series, COBIT, etc.
- Working within teams of investigators on large scale, diverse and complex investigations
- Operating within an IT security team
- Microsoft Windows operating system internals including kernel, registry, file system, Windows APIs and Windows IPC mechanisms
- Creative problem solving abilities and an analytic and qualitative eye for reasoning
Skills For Principal Digital Forensics & Incident Response Consultant Resume
- Knowledge of threat hunting and knowledge of the artifacts necessary to review while threat hunting
- Be client facing by interacting with our clients and their executive leadership
- Creative problem-solving abilities and an analytic and qualitative eye for reasoning
- Self-starter with a knack for taking initiative and “getting things done”
- Thorough understanding of enterprise security controls in Active Directory / Windows environments
- Specialise in host-centric analysis utilising a variety of tools (e.g. F-Response, X-Ways, Volatility, Cisco AMP, etc.)
- Specialise in network-centric analysis utilising a variety of tools (e.g. ELK, StealthWatch, Cisco Umbrella, etc.)
- Comfortable working in a *nix environment
- Conference presentations (non-paid marketing events)
Skills For Incident Response & Forensics Consultant Location Resume
- The Linux operating system and associated file systems
- Network protocols including TCP/IP, HTTP, SSL, DNS, and SMTP
- Proficient in technical writing and verbal communication
- Awareness of relevant legislation and familiarity with working within EU and international legislative and regulatory frameworks
- Develop an understanding of, and be flexible to, your needs and provide a fantastic benefits package
- Properly scope engagements, participating in engagements from kick-off through remediation
- Preserve and analyse data from diverse set of data sources, including laptop and desktop computers, servers, networks and mobile devices
Skills For Senior Consultant Incident Response & Digital Forensics Resume
- Knowledge of and the ability to use popular EDR technologies during DFIR engagements
- Triage and analyze malware dynamically within a virtual environment to quickly gain a set of IOCs during an IR engagement
- Knowledge of System Administrator roles and responsibilities with an understanding of Windows Domain environments
- At least three of the following
- Proactively hunt for adversaries on customer networks utilising a variety of tools and techniques
- Strong track record of understanding and interest in recognised IT Security-related standards and technologies, demonstrated through training, job experience and/or industry activities
- Work with leadership and sales to both present and train on IR, as well as presenting and meeting with potential clients to help drive business
- Willingness and ability to travel throughout North America and South America, to assist customers
Skills For Senior Incident Response & Forensics Consultant Resume
- Travel (primarily domestically)
- Work independently and communicate with clients
- Identify potential new business opportunities within the client base
- Live incident response, systems triage, containment, and remediation
- PCI forensic investigations (PFI)
- Advanced security and forensic experience with two or more major operating systems: Microsoft: 8, 8.1, 7, Vista, XP, Server 2012, 2008, 2003, 2000; OS X; Unix; Solaris and Linux variants; iOS; Android
- Operational experience with security tools (firewalls, IDS, IPS, SIEMs, proxies, VPNs)
- Familiar with tactics, techniques, and procedures commonly employed by threat actors, and their motivations
- Strong technical communication skills (oral and written) including experience briefing executive management and desire to work with clients to solve complex security issues, including at times in crisis situations
Skills For Senior Incident Response Consultant Location Resume
- Advanced security and computer forensics experience with two or more major operating systems: Microsoft: 8, 8.1, 7, Vista, XP, Server 2012, 2008, 2003, 2000; OS X; Unix; Solaris and Linux variants; iOS; Android
- Strong technical communication skills (verbal and written) including experience in briefing executive management and a desire to work with clients to solve complex security issues, including during crisis situations
- Fluency in one or more scripting languages (Python, Perl, Bash, PowerShell)
- Be comfortable chasing malware through systems and familiar with persistence mechanisms, injection methods and detection/evasion techniques
- Certifications (GIAC, CEH, etc.)
Skills For Senior Digital Forensics & Incident Response Consultant Resume
- Strong technical communication skills (oral and written) including experience briefing executive management and desire to work with clients to solve complex security issues, including at times in crisis situations; strong organizational and workload management skills
- Broad experience of technical security controls such as firewalls, IDS/IPS, vulnerability management systems, SIEM
- Relevant work experience in: performing technical forensic system examination for cases such as malware investigation, data exfiltration, system compromise, and system user activity profiling
- Quickly understand and adapt to a complex and rapidly changing environment
- Digital investigations incorporating Computer and Network Forensic investigations