
Onsite Technician

On-Site, First Responder, Team Lead, 90% Travel Required. Reports to the On-Site Directors supporting Arete’s clients. As an On-Site Technician, you are part of the First Responders service team, which ensures we meet and exceed our service level agreements and Arete’s “best practices.” Being on Arete’s OnSite team requires the ability to be on call and ready to deploy at a moment’s notice. In this role, you are a first responder to cybercrime attacks impacting hundreds of small and midsize clients across the US every day. On-Site First Responders are a key delivery component of the Arete Incident Response service. Arete OnSite Incident Responders must be on the ground quickly.

Responsibilities

  • Act as a team member providing incident response & analysis services involving both on-site/deployed and remote/lab-based activities.
  • Analyze events, alerts, and logs from both network (proxies, firewalls, IDPS, SentinelOne, network forensics) and endpoint computing devices (smart devices, laptops, workstations, servers) for tactical IR purposes to identify malicious activity and activity of interest
  • Analyze netflow and packet capture data
  • Provide critical guidance and skills on remediation tasks to reduce client downtime, specific to the attack type (variant). Intercept any problematic recommendations or decisions local IT might make that would create further issues, complications, or costs in reducing client downtime, or destroy key artifacts for the forensics investigation.
  • Troubleshoot Arete’s recommended EDR tool, SentinelOne (S1), to contain and stop any further spread of malware, creating operational efficiency and reducing time, costs, and client downtime
  • Facilitate targeted collection using local collection tools on-site (sent to the lab for processing and analysis) or assist forensics leads with remote capture and forensics investigation and analysis. Flag systems that could have contained PII & PHI for collection and analysis.
  • Assess network layout and architecture in context of responding to incidents for response and recovery
  • Execute Advanced Persistent Threat (APT) “hunting” / analysis operations
  • Formulate strategic mitigation recommendations and/or plans
  • Leverage working knowledge of IR frameworks for live forensics and analysis
  • Configure/execute sweep parameters using tools such as Mandiant Intelligent Response (MIR) or Google Rapid Response (GRR)
  • Assist in managing IR engagements and communicating with customers and stakeholders
  • Develop final engagement reports and brief senior officials

Requirements

  • 3+ years’ experience involving work directly related to listed skill areas and equivalent to abilities typically held by recent graduates with Bachelor’s degrees in the course of study listed below. OR
  • Bachelor’s Degree in a technical field
  • Strong communications and technical writing skills
  • Strong team player with the ability to conduct daily duties autonomously

Desired

  • Understanding and knowledge of various log formats from a variety of network and computer devices
  • Familiarity with memory captures and their analysis
  • Experience and familiarity with tactical triage of binaries for surface and run time analysis for incident response purposes
  • Understanding and working knowledge of common critical network protocols and layer 7 technologies such as SMTP, HTTP, HTTP/S, SSL/TLS, DNS, FTP, SSH, and others
  • Familiarity with advanced persistent threats (APT) and their tactics, techniques, and procedures (TTPs)
  • Familiarity with the Kill Chain™ for incident response
  • Fundamental understanding of Windows, Mac OSX, and Linux operating systems
  • Possess basic programming or scripting skills
  • Fundamental understanding of OSI model, basic networking and troubleshooting concepts
  • Familiarity with virtualization software
  • CISSP, CEH, SANS/GIAC, or similar certifications

 

When you join Arete…

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but we’re about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.

Equal Employment Opportunity

We’re proud to be an equal opportunity employer and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.