Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience.

Our mission is simple: End Cyber Risk. We’re looking for an Incident Response Evidence Tech to be a part of making this happen.

Reports To: Negotiations Manager

About the Role:

At Arctic Wolf, we are actively looking for a Negotiation Analyst to join the Threat Actor Communications and Negotiations sector of our Digital Forensic & Incident Response team. The primary responsibility of this role will be to work with Arctic Wolf Incident Response Engagement Manager’s to act as the main facilitator of communication strategy planning and messaging with threat actor groups based on Client goals and threat actor group profiles. The Negotiation Analyst will actively contribute to checking various internal and external communication channels with threat actor groups, documenting threat actor group communications, creating communication and negotiation strategies with threat actor groups, monitoring the dark web data leak websites, documenting threat intelligence on various threat actor groups and downloading information from threat actor group communications and dark web data leak websites.

About You:

You have a passion for cybersecurity, negotiations and threat intelligence, and you are motivated to learn and grow as an industry professional. You are dependable, have an eye for detail, are a team player and have top notch organizational skills. Candidates for this role exhibit calmness under pressure, a “think outside the box” mentality, have excellent written and verbal communication skills, and have a strong desire to help individuals in need.

Responsibilities:

• General

  • Work closely with the Incident Response Engagement Managers, Incident Response Forensic Analysts, Threat Intelligence Operations and Cyber Defense Operations teams, and are familiar with Arctic Wolf’s value proposition and suite of Incident response and proactive services

  • Take ownership and accountability of your work and provide timely updates

  • Be reliable in time sensitive situations while providing extreme attention to detail

  • Be a part of an on-call rotation, which will require weekend work every 3 to 4 weeks

• Threat Actor Group Communications and Negotiations

  • Monitor and document internal and external communications with various threat actor groups

  • Contribute to timely and well-thought-out communication and negotiation messaging, strategies and approaches based on Client goals and needs

  • Leverage open-source intelligence tools (OSINT) to research, gather and document information about various threat actor groups

  • Monitor dark web data leak sites for actionable intelligence

  • Coordinate with Engagement Manager on proper messaging to the threat actor, and updates to the Client, Counsel, Carrier, etc., when applicable

  • Coordinate with third party crypto broker partners for mandatory OFAC sanctions checks and payment of ransom, when applicable

  • Assist in downloading and testing decryption tools in a sandbox environment

  • Assist in downloading information from dark web data leak sites, when applicable

  • Contribute to documentation within threat intelligence information repository, and perform research

Qualifications:

• Required

  • Former professional experience serving in a Client-facing role with a willingness and ability to provide a high-level of customer service in time sensitive situations, while maintaining quality standards

  • Professional experience with using OSINT tools, and techniques

  • Experience with various operating systems, such as Windows, Linux, and Mac OS, and associated common digital artifacts

  • General knowledge of dark web operations

  • General knowledge of ransomware and various threat actor groups

  • Demonstrated history of being relied upon to take ownership over tasks, initiatives, and strategies, and provide communication to appropriate parties under tight timelines

  • General knowledge of current cyberattack vectors, and trends in ransomware and cybersecurity

• Preferred

  • Associate degree or bachelor’s degree in General Information Technology, Computer Networking, Information Security, Computer Science, Digital Forensics, Cybersecurity, Communications or related degrees and/or professional equivalent experience

  • Threat actor group communications and negotiations experience, and/or prior cyber forensic analyst level role with a consultancy or comparable experience

  • Light scripting skills within Windows, Linux and Python

At Arctic Wolf we’re cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow globally. We’ve been named one of the 50 Most Innovative Companies in the world for 2022 (Fast Company)—and the 2nd Most Innovative Security Company. This is in addition to consecutive awards from Top Workplace USA (2021, 2022), Best Places to Work - USA (2021, 2022) and Great Place to Work - Canada (2021, 2022).

Our Values

Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that—by protecting people’s and organizations’ sensitive data and seeking to end cyber risk— we get to work in an industry that is fundamental to the greater good.

We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here.

We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities.

All wolves receive compelling compensation and benefits packages, including:

• Equity for all employees

• Bonus or commission pay based on role

• Flexible time off, paid volunteer days and paid parental leave

• 401k match or RRSP

• Medical, Dental, and Vision insurance

• Health Savings and Flexible Spending Agreement

• Voluntary Legal Insurance

• Training and career development programs

Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com.

Security Requirements

• Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies).

• Background checks are required for this position.