Symantec Lead Incident Response Investigator in Olympia, Washington

Relentlessly protect the world's information. Make a difference at Symantec. Across the globe, we are an essential partner to both consumers and businesses of all sizes. We combine our talents, our brains, and our creative energy to reinforce our place as a world-class technical community.

Responsibilities:

* Be a primary first responder for incidents for Symantec customers: Lead Symantec and Partner fly-to-site Incident Response teams to conduct highly-confidential investigations for Symantec customers.
* Direct other Symantec consultants and partner resources to collect and process evidence
* Act as liaison between Symantec's internal intelligence teams, Symantec consulting and partner fly-to-site resources
* Be a Thought Leader: Speak on behalf of Symantec at key industry conferences. Blog on and author whitepapers on emerging trends of security operations methodology, information security concepts, security analysis and monitoring, incident response methodologies, and investigative tools and techniques.
* Participate in an on-call rotation with your peers to triage incoming requests for assistance
* Assess existing Incident Response plans of Symantec customers and recommend improvements to both plans and security monitoring programs in use
* Take a lead role in authoring client reports on relevant findings and peer review of partner reports
* Participate in the improvement and development of methodologies, process/procedure manuals and documentation

Qualifications:

Required Technical Skills

* Expert understanding of network protocols, TCP/IP fundamentals
* Expert understanding of operating systems (Windows, Linux or OS X, iOS/Android)
* Expert understanding of intrusion detection systems (e.g. Snort, Suricata) and tools (e.g. tcpdump, Wireshark) OR expert in one or more of the following:
* Knowledge of Malware Triage and Reverse Engineering
* Knowledge of network based services and client/server applications
* Knowledge of enterprise systems and infrastructure
* Expert understanding of network architecture and security infrastructure placement
* Familiarity with security tools such as Anti-Virus, Anti-Spam/Email security systems and Data Loss Prevention Tools; Symantec tools a plus
* Expert understanding of computer/network forensics tools (e.g. Encase, NetWitness)
* Expert understanding of legal/regulatory aspects of Incident Response processes and methodologies
* Background performing computer security incident response and digital forensics

Other Required Skills

* Ability to successfully interface with Symantec partners and clients at both technical and executive levels
* Ability to lead technical incident response teams and coordinate response efforts.
* Ability to manage multiple projects under tight deadlines
* Experience in config/mgmt of feeds into event aggregation and correlation systems (e.g., Splunk, ArcSight)
* Awareness of or experience with competitor Incident Response services or technology

Symantec is an equal opportunity employer. All candidates for employment will be considered without regard to race,