Savings and investment products

Join a MRV portfolio company


Cyber Analyst, Digital Forensics Incident Response



United States · Remote
Posted on Thursday, June 22, 2023

About At-Bay

At-Bay combines world-class technology with industry-leading insurance to help clients meet risk head-on. Partnering with brokers and business owners alike, we provide modern insurance products and cybersecurity insights and services for companies of every size and in every industry. Our team boasts many backgrounds and skills, from analysts and developers to designers and underwriters, and everything in between — all working together to redefine what it means to be a cybersecurity company.

We’re proud to be a diverse company and to have expertise from multiple industries driving our culture. At-Bay is expanding rapidly, and as we grow, we’re prioritizing inclusive hiring practices and supportive team environments. We’re committed to building a company culture where people of all identities and backgrounds are empowered to thrive, develop their career, and bring their full self to work.

At-Bay is a globally distributed company with hubs in Atlanta, New York City, San Francisco, and Tel Aviv. Named as one of six insurance companies that made the Forbes Fintech 50 in 2023, to date, we have raised $292 million in funding from Acrew Capital, Glilot Capital, Icon Ventures, ION Crossover Partners, Khosla Ventures, Lightspeed Venture Partners, M12, entrepreneur Shlomo Kramer, and Qumra Capital.

The Role:

  • Cybersecurity Analysts focused on Digital Forensics and Incident Response (DFIR) deliver incident investigation and response services to At-Bay insureds via:
    • Forensically sound collection, transmission, and storage of digital evidence
    • Analysis of digital evidence to identify indicators of compromise and adversary activity
    • Development of incident timelines and theories of compromise
    • Identification of incident root causes
    • Participation in threat actor negotiations as necessary (e.g., ransom negotiations, etc.)
    • Participation in incident recovery (e.g., restoration of data from backups, reimaging workstations and servers, rebuilding network infrastructure, etc.) activities as necessary
    • Development and delivery of incident reports to document key incident details for engagement stakeholders including executive leaders for insureds, breach coach attorneys, and At-Bay claims management staff as necessary
    • Development and delivery of recommendations to mitigate the risk of future incidents for impacted insureds
    • Development and delivery of incident response training and simulations for targeted insureds

Key skills:

  • Previous digital forensics and incident response experience
  • Strong oral and written communications skills
  • Previous hands-on experience performing digital forensics and incident response including several of the following:
    • Business Email Compromise
    • Ransomware
    • Digital evidence collection and analysis
    • Development and analysis of cyber threat intelligence
    • Leadership of or participation in investigations involving digital evidence
    • Intrusion detection / cyber threat hunting
    • Malware analysis
    • Incident recovery activities such as restoration of data from backups, operation of decryptor tools, etc.
  • Previous hands-on experience working in information technology operations (e.g., Network Operations Center, Security Operations Center, Incident Response Team, etc.)

Minimum requirements:

  • Bachelor’s degree or equivalent
  • Minimum of 2 years of experience in cybersecurity operations, incident response, incident recovery, or another security discipline
  • Willingness to travel as needed to perform job functions

Preferred requirements:

  • Significant undergraduate or graduate coursework in computer science, computer engineering, information systems, or cybersecurity
  • Previous background in law enforcement or government / military with experience leading complex technical investigations
  • Knowledge of cloud environments including knowledge of cloud security products and services offered by major cloud service providers (e.g., AWS, Azure, Google)
  • Experience in a top-10 cyber consulting firm or leading DFIR provider preferred
  • One or more industry cybersecurity certifications (e.g., GCIH, Security+, CISSP, etc.)

Work location:

  • USA, nationwide