
Proactive Incident Response Consultant - Secureworks - Japan

Kawasaki, Japan

Job ID R041355 Date posted Nov. 05, 2019

Incident Response Consultant (Proactive) – Secureworks – Tokyo, Japan

SRC-IR Group

SecureWorks is a global leader in providing intelligence-driven information security solutions. We play an important role, as no organization in the world is immune from cyberattacks and the nature of the attack is changing every day. Internet security is a problem that will never be solved. Unlike point products that address a specific technology issue, we attack the problem holistically by analyzing threat actor tactics, techniques and procedures, and develop solutions using best-of-breed technologies to protect our clients. We are one of the best in the world at understanding the threat.

In short, we give our clients an early warning capability. SecureWorks was founded in 1999 and is headquartered in Atlanta, Ga., with offices in all the major security markets around the globe. We have more than 2,000 team members, and partner with more than 4,200 clients in 59 countries to keep the bad guys out of their networks. We’ve been consistently recognized by industry analysts and readers’ polls, and as a leader in the Gartner Magic Quadrant for managed security services, worldwide.

Role Overview

The Incident Response Consultant (Team Echo) works with clients in the growing area of cybersecurity incident response management. This role focuses on preparing clients to effectively handle cybersecurity incidents as well as occasionally providing advisory services to clients experiencing incidents. Helping clients prepare for incidents includes developing and evaluating response capabilities and process documentation, delivering training, and conducting exercises to test response capabilities. The successful candidate will have experience in developing, managing, and operating incident response capabilities, conducting training, exercises and workshops, and will be familiar with tactics, techniques, and procedures commonly employed by and used to thwart threat actors. Familiarity with the drivers and constraints that organizations are working with and against while trying to secure their infrastructure and data is a necessity.

Role Responsibilities

- Promote SecureWorks by participating in external speaking engagements, writing whitepapers and blogposts, and ensuring identification of opportunities for additional support to be provided to clients

- Design and deliver incident response exercises to test client incident response plans; oversee the delivery of exercises by other consultants

- Develop detailed incident response plans and playbooks based on client needs

- Contribute to the continual improvement of services that we deliver to clients and the processes that the team utilizes to deliver them

- Serve as subject matter expert in incident response capability development and improvement

- Provide objective, actionable, and complete guidance that enables and improves our clients’ incident management capabilities

- Conduct assessments of client readiness to respond to incidents, including designing and delivering incident response exercises to test client incident response capabilities; review the assessments of other consultants

- Manage consulting workload, client requirements, and internal projects and tasking as assigned

- Support complex incident response; review analysis and conclusions of other consultants

- Document findings, develop recommendations and present both orally and in written reports

- Mentor junior staff

Requirements 

- Minimum of 3 years of information security experience (Incident Response, CSIRT Operations, SOC, Vulnerability Management, Risk and Governance, Threat Intelligence, Security Assessments, etc.)

- Minimum of 1 year of experience developing incident response plans and playbooks

- Minimum of 1 year of consulting experience

- Fluent in Japanese

Preferences

- Developing and managing incident response capabilities across multiple departments in an enterprise environment

- Conducting tabletop exercises

- Networking and system administration experience (Windows and Unix/Linux)

- Experience with common computer forensic / incident response tools and processes

- Operational experience with security tools (firewalls, IDS, IPS, SIEMs, etc.)

- Understanding of vulnerabilities and tools used to discover, analyze, and exploit vulnerabilities

- Bachelor's degree in computer science, information systems, information assurance, or equivalent work experience

- Technical or professional certifications such as EnCE, CEH, GCIH, GCFA, CISA or CISSP, etc.

- Familiar with tactics, techniques, and procedures commonly employed by threat actors, and their motivations

- Understanding of at least one framework: ISO 27001/2, FISMA, PCI, HITRUST, NIST 800-series, CoBIT, etc.

- International travel may be required. The candidate should possess or be able to possess a passport and be able to travel internationally.

- Ability to transport multiple Pelican cases, weighing up to 40lbs, to client sites.

- Demonstrated ability to manage all facets of a client offering, including presales, marketing, steady state maintenance and development, delivery, and post-delivery.

- Technical or professional certifications such as GCFA, CISA or CISSP, etc.

Location: Tokyo, with the ability to work remotely


SecureWorks is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity and/or expression, national origin, protected veteran status, disability, genetics, or citizenship status (when otherwise legally authorized to work) and will not be discriminated against on the basis of such characteristics or any other status protected by the laws or regulations in the locations where we operate. SecureWorks encourages applicants of all ages.

◆Overview

SecureWorks Japan K.K. is recruiting information security consultants.

◆Job Title

Information Security Consultant

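◆Job Description

The consulting work listed below, centered on consulting on information security risk and on incident management within client organizations (CSIRT, etc.), as well as proposal activities in presales.

- Development of, and implementation support for, security incident response plans

- Evaluation of incident response readiness through review of incident response plans

- Delivery of tabletop exercise services to improve incident response capability

- Creation and improvement of incident response plans through CSIRT establishment support and tabletop exercises, and proposal activities in presales

- Development (including writing policies and other documents), rollout, and progress management of security measures

- Consulting on information security governance

Specifically, you will carry out the above work based on knowledge of, or work experience with, any of the following.

- NIST Cyber Security Framework, ISO27001, COBIT, ITIL, CSIRT (CSIRP), PCI-DSS, PA-DSS, BCP, IT-BCP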

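◆Required Experience, Abilities, and Skills

[Required]

- At least 3 years of work experience in the following areas:

Incident response, CSIRP operations, SOC, vulnerability management, governance/risk management, threat intelligence handling, security assessments, etc.

- At least 1 year of experience developing incident response plans or incident response procedures (more technical response procedures)

- At least 1 year of consulting experience

- Skills in communicating in Japanese with internal and external stakeholders, in written communication such as e-mail, and in document preparation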

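[Preferred]

- Experience managing a cross-organizational incident response structure in an enterprise, and planning and implementing measures to strengthen it

- Experience conducting tabletop exercises on incident response

- Experience administering networks and Windows, Unix, and Linux systems

- Experience with tools used for incident investigation and forensic tools, and with conducting incident investigations using them

- Experience managing security products (Firewall, IDS, IPS, SIEM, etc.)

- Understanding of vulnerabilities, and knowledge of tools for exploiting, detecting, and analyzing vulnerabilities

- A bachelor's degree in information engineering, computer engineering, electrical engineering, or a related field, or an equivalent level of work experience

- Holding any of the following certifications:

EnCE, CEH, GCIH, GCFA, CISA, CISSP

- Knowledge of the TTPs (Tactics, Techniques, Procedure) used by attackers, and understanding of attackers' motivations

- Understanding of at least one of the following frameworks:

ISO 27001/2, FISMA, PCI, HITRUST, NIST 800 series, CoBIT

- Because overseas business travel may be required, holding a passport and being able to travel overseas

- Ability to transport a cart loaded with a full set of forensic tools to client environments (approx. 20 kg)

- Ability to handle all phases of project execution (presales, project delivery, closing)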

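◆Certifications

Holders of any of the following information security certifications are welcome.

- CISSP

- CISA, CISM

- ISO27001 (ISMS) auditor certification / internal auditor certification

- PCI QSA

- Information Security Specialist

- Other security-related certifications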

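◆Language Skills

Those who can communicate in English with clients at overseas sites and with our U.S. headquarters are welcome.

Those who wish to gain business experience in English in the future (those who are motivated) are also welcome.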
