Lead or support cybersecurity incident response engagements involving ransomware, advanced persistent threats (APT), insider threats, phishing campaigns, malware infections, unauthorized access, cloud compromises, and other cyber incidents.
Responsibilities include:
Perform incident triage and determine scope and severity.
Identify attack vectors and affected assets.
Collect and preserve forensic evidence.
Perform root cause analysis.
Coordinate containment activities.
Support eradication of adversary presence.
Restore systems to secure operational status.
Develop incident timelines.
Produce executive and technical incident reports.
Recommend security improvements to prevent recurrence.
Cyber Hunt Operations
Conduct proactive threat hunting activities designed to identify adversaries before significant impact occurs.
Responsibilities include:
Develop hunt hypotheses based on current intelligence.
Analyze endpoint, network, cloud, identity, and application logs.
Identify Indicators of Compromise (IOCs) and Indicators of Attack (IOAs).
Detect persistence mechanisms.
Identify lateral movement.
Investigate privilege escalation.
Hunt for known threat actor Tactics, Techniques, and Procedures (TTPs).
Leverage MITRE ATT&CK methodologies.
Produce actionable hunt findings.
Incident Handling & Event Management (IHEM)
Support enterprise Incident Handling and Event Management capabilities consistent with NIST guidance and industry best practices.
Responsibilities include:
Monitor security events and alerts.
Validate and declare security incidents.
Perform event analysis and prioritization.
Coordinate incident response activities.
Conduct technical investigations.
Execute containment procedures.
Support remediation efforts.
Validate recovery activities.
Document lessons learned.
Improve incident response processes.
Digital Forensics & Analysis
Support forensic investigations involving:
Windows
Linux
Cloud environments
Active Directory
Microsoft 365
Azure
AWS
Containers
Virtual infrastructure
Experience with:
Memory analysis
Disk analysis
Log analysis
Timeline reconstruction
Registry analysis
Malware triage
Security Technologies
Consultants should have practical experience with one or more of the following:
Splunk
Microsoft Sentinel
CrowdStrike Falcon
Microsoft Defender
Elastic
QRadar
Palo Alto Cortex
Trellix
Carbon Black
Rapid7
Tanium
Tenable
Qualys
AWS Security Services
Azure Security Center
Microsoft Defender XDR
EDR/XDR platforms
Job Requirements
Minimum 7 years of cybersecurity experience.
Minimum 5 years supporting Incident Response or Security Operations Center (SOC) environments.
Experience responding to live cybersecurity incidents.
Experience performing enterprise threat hunting.
Strong understanding of:
NIST Cybersecurity Framework
NIST SP 800-61 Computer Security Incident Handling Guide
NIST SP 800-53
MITRE ATT&CK Framework
Cyber Kill Chain
Zero Trust Architecture
Experience analyzing:
Windows Event Logs
Sysmon
Active Directory
DNS
Firewall logs
Authentication logs
EDR telemetry
Cloud audit logs
Excellent written and verbal communication skills.
Ability to explain technical findings to executive leadership.
Desired Qualifications
One or more of the following certifications:
CISSP
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Analyst (GCFA)
GIAC Certified Enterprise Defender (GCED)
Certified Ethical Hacker (CEH)
CompTIA CySA+
CompTIA Security+
Splunk Certified Architect
Splunk Enterprise Security Certified Admin
Microsoft Certified Security Operations Analyst (SC-200)
Microsoft Cybersecurity Architect (SC-100)
AWS Security Specialty
Certified Cloud Security Professional (CCSP)
Preferred Experience
Experience supporting:
Federal Civilian Agencies
Department of Defense
Intelligence Community
Critical Infrastructure
Healthcare
Financial Services
Energy Sector
Experience with:
Continuous Diagnostics and Mitigation (CDM)
Continuous Monitoring
Threat Intelligence
Insider Threat
Vulnerability Management
Malware Analysis
Digital Forensics
Cloud Incident Response
Identity-based attacks
Zero Trust implementations
Availability Requirements
Candidates must be able to:
Respond to urgent requests within agreed Service Level Agreements (SLAs).
Participate in after-hours, weekend, and holiday incident response activities.
Support remote engagements nationwide.
Participate in surge support during major cybersecurity incidents.
Key Competencies
Incident Response Leadership
Cyber Threat Hunting
Digital Forensics
Malware Investigation
Log Analysis
Enterprise Security Monitoring
SIEM Operations
Executive Communication
Technical Documentation
Problem Solving
Crisis Management
Team Collaboration
Deliverables
Consultants may be expected to produce:
Incident Response Reports
Executive Briefings
Threat Hunt Reports
Root Cause Analysis Reports
Lessons Learned Documentation
Indicators of Compromise (IOC) Reports
Security Recommendations
Recovery Validation Reports
Remediation Plans
Position Pay Range
$150—$150 USD
About Copper River & The Native Village of Eyak:
Owned by the Native Village of Eyak (NVE), a federally recognized Alaska Native Tribe, the Copper River Family of Companies are a collection of entities that deliver a complementary set of solutions and services to support the diverse missions and requirements of our clients. Proud participants of the Small Business Administration’s (SBA) 8(a) Business Development Program since 2006, our companies consist of both current and graduation SBA 8(a) entities. It is our collective purpose to support the Tribe and diversify the NVE’s ability to facilitate economic advancement.
The income generated from our companies helps the Native Village of Eyak fund health and social services, economic development, natural resource/environmental education, jobs, job training, and other benefits to the NVE in a manner that is consistent with Alaskan Native cultural values and traditions.
Copper River’s Culture
The Copper River Family of Companies has a positive, supportive, and thriving culture. At the foundation of our culture is a focus on collaboration. No matter your role or which operating company you work for, we are ONE TEAM working toward the same goals for our customers and for our collective owner- The Native Village of Eyak. How we treat each other is just as important as the work we deliver.
Benefits
Comprehensive medical, dental, and vision coverage
Flexible Spending Account - healthcare and dependent care
Health Savings Account - high deductible medical plan
Retirement 401(k) with employer match
Open leave policy and paid holidays
Additional benefits including tuition reimbursement, transportation expense account, employee assistance program, and more!
Note: These benefits are only applicable to full time, regular associates at Copper River.
Disclaimer:
The Copper River Family of Companies provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.