If you feel like Incident Response and Recovery hasn't changed in the past 10 years, you're not alone. Business operations aren't just on endpoints anymore. They're behind applications in Okta tiles, auto-scaling workloads, code repos, and sprawling data stores across one or many public clouds. At MOXFIVE, we're focused on eradicating adversaries across our client's entire digital footprint, and that demands a faster, nimbler approach to DFIR.
We know high quality incident response starts and ends with great people. MOXFIVE is looking for the weekend warriors, the late-night crusaders, or any variation in between to do investigative work at a pace that matches your lifestyle.
You're a "retired" incident responder that's called it quits because of one too many missed holidays and an exhausting on-call schedule. If you're honest though, you miss the investigation. Finding actual evil and seeing the latest threat activity is more exciting than your day job, and you'd love to get your fix on some live response data without committing all your waking hours.
You know that $I30 isn't referring to your local interstate, and that the easiest way to get on your bad side is to be handed a timestamp that isn't in UTC. You've got a "Tools" folder sitting on your workstation somewhere with your favorite forensic scripts at the ready to tear into the next piece of suspicious activity you see. And speaking of suspicious activity, you've honed a keen sense for knowing the difference between legitimate users and threat actor activity because you've seen them in action.
Hundreds of times.
Windows environment investigations feel like the back of your hand at this point, and you've been starting to expand your knowledge on cloud-native forensics. Account takeovers are the new malware after all, and investigating the latest threats across Azure, GCP, AWS, and SaaS Apps is the growing frontier you've been looking to sink your teeth into.
You're insatiably curious, addicted to threat intel, and an investigator at heart. Ultimately, you'd love an opportunity that allows you to get deeply technical and solve real cases at an intensity that's compatible with your day job and everyday life.
You'll be joining a seasoned team of high performing incident response consultants as part of our contract bench that are the tip of the spear for all forensic activity at MOXFIVE. With that, you'll be eligible for picking up live response work and analysis to support breaches ranging from ransomware to nation-state threats at a schedule that makes sense for you. Your analysis expands our capacity to support clients at the highest level of quality.
Experience responding to threat activity as an IR consultant or SOC analyst
Strong understanding of Windows/Mac/Linux fundamentals, forensic artifacts, BEC analysis, and network analysis
Existing knowledge or passion to learn cloud-native investigations across AWS, GCP, and Azure
An unwavering emphasis on investigation at the highest level of quality
Perspective and voice to continue to shape our practice
At least a few free hours a week on your schedule to take on IR work. We're day-job friendly (as long as your employer is cool with it).
Disclaimer:
All official MOXFIVE communications will only come from an @moxfive.com email address.
$80 to $100 USD / billable hour based on skills and experience. Prorated full-time compensation of $160,000 to $200,000 USD.