Currently Empty: $0.00
Ransomware Response Specialist
Salary- $90K/yr - $120K/yr
Remote
Posted 1 month ago
Job Summary
We are seeking a highly motivated Ransomware Response Specialist to join our Cyber Incident Response team. The successful candidate will be responsible for investigating, containing, and responding to ransomware attacks affecting enterprise environments. This role requires expertise in incident response, digital forensics, malware analysis, threat hunting, and cybersecurity operations. The ideal candidate will work closely with clients, security teams, and executive stakeholders to minimize business disruption and strengthen cyber resilience.
Job Description
As a Ransomware Response Specialist, you will lead investigations into ransomware incidents, identify attack vectors, perform forensic analysis, coordinate containment and recovery efforts, and provide strategic recommendations to prevent future attacks. You will collaborate with Security Operations Centers (SOC), Threat Intelligence teams, and IT departments to ensure rapid and effective incident resolution.
Key Responsibilities
- Lead ransomware incident response engagements from detection through recovery.
- Investigate ransomware infections and determine root causes.
- Perform forensic analysis on compromised endpoints, servers, and cloud environments.
- Analyze attacker tactics, techniques, and procedures (TTPs).
- Identify indicators of compromise (IOCs) and recommend containment actions.
- Conduct threat hunting activities to uncover additional malicious activity.
- Coordinate with internal stakeholders and external clients during cyber incidents.
- Develop incident response reports and executive-level briefings.
- Assist organizations with system recovery and business continuity efforts.
- Recommend security improvements to reduce future ransomware risks.
- Support tabletop exercises and ransomware preparedness assessments.
- Maintain knowledge of emerging ransomware groups and threat landscapes.
Required Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
- 3+ years of experience in Incident Response, SOC Operations, or Digital Forensics.
- Strong understanding of ransomware attack methodologies.
- Experience with Windows, Linux, and Active Directory environments.
- Knowledge of SIEM, EDR, and threat detection tools.
- Familiarity with MITRE ATT&CK Framework.
- Excellent analytical and communication skills.
Preferred Qualifications
- Experience handling enterprise-scale cyber incidents.
- Knowledge of cloud security platforms (AWS, Azure, GCP).
- Familiarity with malware reverse engineering.
- Experience with forensic investigation tools.
- Understanding of cyber insurance and breach response processes.
Technical Skills
- Incident Response
- Digital Forensics
- Threat Hunting
- Malware Analysis
- SIEM Platforms (Splunk, QRadar, Sentinel)
- EDR Solutions (CrowdStrike, SentinelOne, Microsoft Defender)
- Active Directory Security
- Network Security
- Python or PowerShell
- MITRE ATT&CK Framework
Certifications Preferred
- GIAC Certified Incident Handler (GCIH)
- Certified Ethical Hacker (CEH)
- CompTIA Security+
- Certified Information Systems Security Professional (CISSP)
- GIAC Certified Forensic Analyst (GCFA)
Benefits
- Health, Dental, and Vision Insurance
- Remote Work Opportunities
- Performance Bonuses
- Cybersecurity Training Budget
- Certification Reimbursement
- Retirement Savings Plan (401k)
- Paid Time Off (PTO)
- Professional Development Programs
Job Features
| Job Category | Cyber Security |




