**Enterprise Incident Management/Associate IR Consultant (Remote-Any US)** in Overland Park, KS at BetterJobs

Date Posted: 11/8/2019

Job Snapshot

Job Description

Company Description

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry.

In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.

Job Description


The Associate Security Consultant is a member of the Enterprise Incident Management (EIM) team with the primary responsibility for responding to and investigating security incidents. The successful candidate must possess an understanding of digital investigations and their underlying principles. Applicable fields of digital investigations include incident response, computer forensics, network forensics, e-discovery, malware analysis, memory analysis, and an understanding of information security principles. Associate Security Consultants are able to take direction from their peers and perform specific phases of an investigation. From digital evidence collection, processing, basic analysis, remediation processes and providing enterprise-wide security recommendations for clients that help mitigate vulnerabilities and prevent future attacks. Associate Consultants should understand the process to perform live incident management activities that include reactive and proactive engagements, identifying and remediating malicious applications and actions.

PRIMARY DUTIES AND RESPONSIBILITIES (at least one Reactive or Proactive proficiency)


  • Live incident response: triage, containment, and remediation
  • Digital forensics
  • Log review from varying security technologies
  • Network traffic analysis


  • Incident response risk assessments
  • Incident management program development
  • Incident management tabletop exercises

Additional Responsibilities:

  • Work with supervisory oversight and able to independently work in a remote capacity.
  • Demonstrate the ability to learn and leverage investigative workflows to counter new and unknown threats.
  • Remain current on information security, emerging threat trends, and tools including methodologies to combat the same.
  • Travel as needed to customer locations to perform reactive and proactive engagements including frequent travel with little notice. Ability to travel internationally is required.
  • Adhere to policies, procedures, and security practices in accordance with assigned customer’s established practices and internal policies.
  • Resolve problems and understand escalation procedures; coordinate escalations and collaborate with client technology teams to ensure timely resolution of issues.
  • Strong technical writing skills required.
  • Take meticulous notes and demonstrate strong reporting capabilities with an emphasis on detail.
  • Perform other related duties as assigned.

Job Requirements


Basic Qualifications

  • Minimum one (1) year of experience performing in incident response roles that include containment and isolation, forensics, root cause analysis, and remediation.
  • Minimum one (1) years of experience in a consulting services role or a related information technology position.
  • Ability to travel 50% of the time.

Preferred Qualifications

  • Strong interest in technology and a desire to develop professionally in the network, security, and digital investigations fields.
  • Understanding of network analysis tools
  • Desired certifications include: GIAC Certified Forensics Examiner (GCFE), EnCase Certified Examiner (EnCE) Certification, Certified Computer Examiner (CCE), and Certified Computer Forensics Examiner (CCFE).
  • Basic understanding and use of supporting commercial and open source security tools.
  • Familiarity with different network architectures, network services, operating systems, network devices, development platforms and software suites.
  • Demonstrated ability to create assessment reports.
  • Work collaboratively with customers and self-manage through difficult situations with a focus on client satisfaction
  • Ability to work independently as well as in a team environment.
  • Ability to multitask, balancing multiple projects simultaneously.
  • Ability to respond onsite in a 24/7/365 environment; must be willing to work evenings, overnight, weekends, and holiday hours as needed.
  • Knowledge of programming and scripting for the development of security tools and systems automation.
  • Bachelor’s Degree from a four-year college or university in Information Assurance, Computer Science, Management Information Systems or related area of study; or related experience and/or training; or equivalent combination of education and experience.


Additional Information

All your information will be kept confidential according to EEO guidelines.