The Extended Detection and Response (XDR) Consultant is a fast-paced technical consulting role at the forefront of a global Incident Response Consulting team. A seasoned professional with excellent client interaction skills and appropriate technical knowledge will be successful in this role – focusing on responding to XDR customer requests for immediate assistance in investigating detected or suspected threat activity.
The XDR Consultant will be the first person from the Incident Response Consulting team to respond to XDR customer escalations. The ideal candidate will be able to rapidly assess the existing data to orient with regards to the threat levels being observed, and provide immediate containment and remediation advice to the customer. The ideal person is expected to collect and analyze additional data using digital forensic analysis techniques, to answer investigative questions that can’t be established purely from the available telemetry.
This position will require flexible work hours including weekend days to provide coverage across multiple time zones.
This is primarily a remote position.
- Work with Customers to rapidly assess Cyber Security Incidents that are escalated to Secureworks
- Manage urgent and critical interactions with Customer technical staff
- Maintain professional, calming, and authoritative presence in crisis situations
- Monitor several communication channels for incoming emergency response service requests
- Take ownership of, triage, and update tracking systems for service requests
- Gather contextual information from multiple sources to establish a service request course of action
- Meet service level agreements regarding initial response time and client notification as it pertains to Secureworks IR and managed XDR services
- Facilitate communications with customers and service delivery specialists to assess scope, objectives, and required skillsets for IR service requests
- Provide instructions in written and oral formats to customers for media handling and artifact collection that are required for IR service requests
- Provide internal stakeholders the necessary information for decision support and situational awareness on service request intake activities
- Provide written and verbal handovers to an escalation team of senior responders or regional teams that the role will collaborate with
- Support the development and documentation of process and tooling improvements for efficient and effective response to MDR service requests
Knowledge, Skills, and Abilities:
- Excellent technical communication skills (oral and written) including experience briefing executive management and experience in times of crisis
- Theoretical and practical knowledge in the following areas:
– Windows and Linux operating systems
– Exploits, vulnerabilities, intrusion vectors, and malware
– Host forensics, network forensics, and malware analysis techniques
– Network traffic analysis, endpoint activity analysis, and log analysis techniques
– Understanding of enterprise cyber incident management and response processes
– Understanding of enterprise cybersecurity controls and failure modes
– Working knowledge of modern Enterprise Detection and Response (EDR) tools
- Excellent organization and resource management skills
- Excellent capability to prioritize multiple and concurrent urgent tasks
- Excellent customer service skills and ability to quickly establish technical credibility and rapport with clients
- Minimum five (5) years of experience in cybersecurity operations or IT/Network Security Engineer
- Minimum three (3) years in a client facing support role (Security Engineer, Client Services, Consulting, Professional Services)
- Professional degree relevant to cybersecurity
- GCIH, GCFE, GCFA, GREM or similar certifications
Here are more reasons to join our team!
Take a look at what we offer and feel free to reach out to us for more details!
Development programs and cybersecurity training/ certifications – because we grow together
Internal Career Progression Plan for top performers – we encourage you to follow internal opportunities
Regular workshops – we are the largest community of cybersecurity experts and we enjoy sharing our best practices during our Communities of Practice and to our trainees
Work from home policy – your time matters
Medical and Dental subscription – flexible package and you can include your family members
Annual Performance Bonus
Why work with us?
Secureworks, a Dell Technologies company, is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.
Secureworks® (NASDAQ: SCWX) is a global cybersecurity leader that protects customer progress with Secureworks® Taegis™, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.
We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
Sponsors & Partners
They help us make this conference possible.
Orange Romania is the leader of the local telecom market and part of the Orange Group, one of the largest global telecommunications operators, connecting hundreds of millions of customers worldwide. With over 11 million customers and an annual turnover exceeding 1.5 billion euros, Orange Romania connects 1 in 2 Romanians and offers an extensive range of communication solutions to its customers, both individual users and companies, from basic services up to complete voice services, fixed and mobile data, TV services or smart home services, but also mobile financial services. Orange is also a leader in innovation investing yearly over 200 million euros in network infrastructure and R&D initiatives in Romania. In the past 3 years Orange has launched two 5G Labs in Bucharest and Iasi, that aim to support researchers, startups and companies to test their 5G solutions in advance. In addition, Orange is a long-term supporter of the startup ecosystem through the Orange Fab accelerator program designed to support entrepreneurs in the development of innovative products and their distribution locally and internationally.
Orange Services was created in 2013 and is a 100% owned subsidiary of Orange Group. As a technology services company, our DNA is in IT, but our teams also work in other domains including mobile networks and a number of commercial and business functions. Orange Services is one of the largest technology hubs in the Orange Group, working internationally for both Orange corporate functions and country operations. Through a unique combination of cutting edge know-how and expertise, our teams provide a broad range of services: development and supervision of IT services in domains such as Big Data, Cloud, M2M, IoT, TV, Connected Objects; design and development of IT infrastructure and desktop solutions; testing & planning for mobile networks; implementation of supply chain solutions and also improvement of commercial & business performance including BI, CRM, Analytics, Digital learning and Customer Care. Visit us on LinkedIn.