Incident Response Specialist
About The Position
Best Buy is an ideal place to pursue an interest in Information Security because it combines industry leadership with a strong commitment to innovation and security. As the world’s leading consumer electronics retailer, generating over $40 billion in annual revenue, Best Buy continues to grow while investing heavily in future-focused expansion and technological advancement. Alongside enhancing customer-facing applications, the company is building world-class security tools and methodologies to protect customer data. By joining Best Buy’s Information Security Team as an Incident Response Specialist, you become part of a dynamic, forward-thinking group of experts dedicated to detecting and disrupting threat actors through advanced data analysis, threat intelligence, and cutting-edge technologies. In this role, you will contribute on the front lines of security, strengthening detection and response capabilities while continuously improving the company’s overall security posture and resilience. This role is hybrid, which means you will work some days at our corporate office in Richfield, Minnesota, and some days virtually from home or another non-Best Buy location. The specific work arrangements vary by role and team. The recruiter or hiring manager will provide more details during the hiring process.
Requirements
- 5 or more years of experience in Digital Forensic Incident Response in a large-scale enterprise environment.
- 5 or more years of experience performing forensic analysis on volatile host data.
- 5 or more years of experience performing network log and traffic analysis.
- Experience communicating with non-technical and technical stakeholders.
- Strong case management and documentation skills.
- Strong analytical and problem-solving skills under pressure.
Nice To Haves
- Bachelor's degree in Cybersecurity or related discipline.
- Relevant cybersecurity certifications (GIAC, EC-Council, Offensive Security, etc.).
- Previous experience working in cloud environments in a Cybersecurity capacity.
- Experience authoring detection signatures.
- 2 or more years of recent experience conducting dynamic and static malware analysis.
- Understanding and utilization of KQL.
- Understanding of regular expression and at least one common scripting language (PERL, Python, PowerShell, ETC).
Responsibilities
- Respond to cybersecurity incidents by collecting and analyzing digital evidence
- Develop and present forensic findings to stakeholders
- Perform data analytics to identify and validate potential security threats
- Apply knowledge of various technologies to assess evidence for relevance and forensic value
- Conduct network forensic investigations, including packet analysis
- Analyze malware to understand functionality and identify indicators of compromise (IOCs)
- Participate in proof-of-concept testing for new cybersecurity tools
- Prepare detailed, formal written reports suitable for legal or compliance purposes
- Support incident response activities with post-mortem briefings, analysis, and reporting
Benefits
- Competitive pay
- Generous employee discount
- Physical and mental well-being support
- Different types of leaves of absence (LOA) and potential pay sources
- Intermittent or reduced-schedule leave
- Paid time off (vacation or PTO)
- Various forms of incentive pay
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
