Cybersecurity Analyst
Description:
Job Description
Cybersecurity Analyst
Location: New York, NY
Duration: Full Time
Position Overview:
Client is seeking experienced cybersecurity professionals to join our Incident Response Retainer (IRR) pool. This role involves on-demand response to security incidents, including forensic investigations, malware analysis, and ransomware containment, while also providing strategic support and readiness training throughout the year.
This is a flexible, retainer-based engagement, ideal for individuals with deep experience in cybersecurity incident handling, digital forensics, and enterprise threat mitigation.
Key Responsibilities:
Respond to Cybersecurity Incidents:
Provide both remote and on-site response to confirmed or suspected security events.
Support incident types including malware infections, data breaches, fraud, insider threats, and ransomware.
Forensics & Investigations:
Conduct digital forensics, log analysis, and evidence preservation across on-prem, cloud, and hybrid environments.
Perform malware analysis and reverse engineering.
System Restoration & Threat Mitigation:
Assist in restoration of compromised systems and negotiation efforts during ransomware events.
Facilitate threat actor communication and resolution when required.
Fraud & Special Investigations:
Support investigations related to fraudulent activity, providing forensic and legal documentation as needed.
Strategic Advisory:
Review and recommend improvements to cliet Incident Response Plan and IR Playbooks.
Offer up-to-date insights on threats, vulnerabilities, and best practices.
Training & Exercises:
Lead an annual tabletop exercise simulating real-world attack scenarios.
Provide ad hoc threat hunting or incident simulation support.
Preferred Qualifications:
5+ years of experience in incident response, cyber forensics, or security operations.
Experience working with public sector, financial, or regulated entities.
Deep familiarity with: EDR/XDR tools (CrowdStrike, SentinelOne, etc.)
Cloud and hybrid environments (AWS, Azure, GCP)
Chain of custody and legal evidence handling
Ability to work under pressure in time-sensitive situations.
Relevant certifications such as GCFA, GCIH, CISSP, CISM, or CEH a plus.
Strong written and verbal communication skills.
Full-time
Hybrid remote