Zoomies help the world connect — and deliver happiness while doing it. We set out to build the best video conferencing product for the enterprise, and today help people communicate better with products like Zoom Phone, Zoom Rooms, Zoom Video Webinars, Zoom Apps, and OnZoom.

We’re problem-solvers and self-starters, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to dig deep into impactful projects that are changing the way people communicate, and enjoy opportunities to advance your career in a diverse, inclusive environment. 

We are looking for a remote Sr. Security Analyst, Incident Response Professional who will play a key role as part of the Security Operations Center (SOC) team. 

Responsibilities

• Perform tier three analysis conducting host forensics, network forensics, log analysis, and malware triage in support of incident response investigations in order to determine root cause. 
• Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations.
• Build scripts, tools, or methodologies to enhance incident investigation processes.
• Develop and present comprehensive and accurate reports, trainings and presentations for both technical and executive audiences.
• Experienced with EnCase, FTK, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open-source forensic tools.
• Ability to communicate technical details in clear and concise terms to senior management. 

Required Skills and Experience

• Must have a minimum of 8-10 years of Incident Response and Forensics experience with a min of 5 years in Cyber Defense/Information Technology.
• Experience with incident response and forensics tools.
• Deep understanding of Linux, Windows, malware analysis, host/network based forensics, memory forensics and network traffic analysis.  
• Experience developing scripts and automating tasks to enhance investigations. 
• Must be a U.S. person as required by Zoom government clients; must be a Permanent Resident of the United States.

Education

B.S. or M.S. in Information Security, Computer Science, Business Administration or equivalent experiences and certifications (CISSP, GSEC, GCFE, GNFA, GC

*This position is 100% based in the United States (can be remote)