Full-Time Principal Incident Responder

NBCUniversal's Cyber Defense Operations team is responsible for providing Cyber Response, Threat Intelligence, Threat Hunting, and Detection for all areas of NBCUniversal. As a member of the Cyber Incident Response Team, a candidate will utilize their technical expertise to assess, contain, and remediate cyber threats across all NBCUniversal Brands and Product Lines. We seek an experienced DFIR Professional to join our Cyber Security team as a Principal Incident Responder.

Responsibilities include:

• Forensically leading incident response engagements, determining root cause analysis, containment actions, and remediation requirements.
• Analyzing threat data to identify security incidents and escalate them to Incident Commanders.
• Containing and remediating incidents ranging in size and complexity.
• Providing detailed timeline analysis to showcase evidence-based conclusions on entry vectors, lateral movement, and campaign correlation.
• Performing advanced malware analysis (static & dynamic), reverse engineering, and identifying Indicators of Compromise (IOCs).
• Articulating attack vectors, threat tactics, and attacker techniques to technical and non-technical stakeholders.
• Generating executive-level incident and forensic reports summarizing incident details.
• Designing, developing, and maintaining Incident Response tools, scripts, and automation workflows.
• Spearheading research and development to stay up-to-date with forensic tools and methodologies.
• Contributing to internal processes and broader organizational initiatives.
• Utilizing analytical skills to correlate multiple log sources, assess business risk, and evaluate impact for security incidents across multiple platforms (Cloud, Hosts, Networks, Applications, Email).
• Collaborating with internal teams, external partners, and vendors.
• Mentoring Junior Incident Response and SOC team members.
• Providing on-call support for escalated events.
• Driving delivery of Cyber initiatives and projects.

Basic Requirements:

• Bachelor's/Master's Degree in IT or equivalent experience.
• 10+ years in Cyber Defense, including Incident Response, Digital Forensics, Malware Analysis, SOC, Threat Hunting, etc.
• Experience supporting or leading incident response functions.
• Experience with industry-standard security toolsets.
• Deep understanding of Cyber Investigations on Windows, Mac, and Linux hosts.
• Expert-level knowledge of malware analysis.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong verbal and written communication skills.
• Experience drafting incident/forensic reports.
• Ability to work independently and as part of a team.
• Understanding of core Enterprise IT concepts.
• Experience with host-based and network-based forensics tools.
• Knowledge of the cyber threat landscape.
• Knowledge of industry security frameworks (MITRE ATT&CK, etc.).
• Ability to work on-call.

Desired Characteristics include hands-on Incident Response and Threat Monitoring SOC experience, Fortune 1000 company support, various forensic technologies (EDR), scripting/query design, and experience with enterprise cyber security tools.

Additional Requirements:

• Fully Remote position.
• Preferred commute to Orlando, FL or New York, NY.
• Eligibility for company benefits (medical, dental, vision, 401k, etc.).
• Salary range: $160,000 - $175,000 (bonus & long-term incentive eligible).
• Potential in-person interview.

What is the last date for applying to the job?

Which countries are accepted for this remote job?