This Job Vacancy has Expired!

Senior Cyber Security Incident Response Analyst

Posted on Jan 11, 2022 by Request Technology

Plano, TX 75023
Immediate Start
Annual Salary

Senior Cyber Security Incident Response Analyst

Salary: open + bonus

Location: Plano, TX

*We are unable to sponsor for this permanent Full time role*

*Bonus Eligible*

*You will be required to provide proof of full vaccination upon hire or obtain approval of a valid medical or sincerely held religious exemption from receiving a COVID-19 vaccine prior to your start date*

A prestigious Fortune 500 company is seeking a Senior Cyber Security Incident Response Analyst who enjoys being a blue teamer and who is not only passionate about strengthening security posture, but also enjoys going on the offensive.


  • 5-7 years of Information Security or Incident Response related experience
  • Bachelor's degree in Information Security, Computer Science, Information Technology, related field or equivalent work experience
  • 2+ years of hands-on experience in at least two of the following areas: security operations, incident response, network/host intrusion detection, threat response
  • Demonstrated experience in handling security events in mission critical environments; hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests
  • Proven experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations etc.
  • Good grasp of security incident response, such as different phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IOCs), etc.
  • Experience analysing system and application logs to investigate security issues and/or complex operational issues
  • Solid understanding of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)
  • Demonstrated experience with utilizing SIEM (such as Splunk, ArcSight etc.) in investigating security issues and/or complex operational issues on Windows and Unix
  • Solid understanding of network protocols and operating systems (Windows, Unix, Linux, Databases)
  • GIAC, GCIH, CEH, CSA+, CISSP certifications
  • Threat Hunting experience
  • Experience in the financial services industry
  • Experience in Scripting, SOAR tool, Programming


  • Manage security events identified from enterprise SIEM tool, Threat Intelligence, end user notifications, etc. to determine security risk and respond accordingly
  • Coordinate response, triage and escalation of security events affecting the company's information assets and activities within the Incident Response team
  • Categorize, prioritize, and normalize an event to determine if it meets the threshold of a potential incident, and declare an incident if required, following the documented process
  • Analyze and research known indicators of compromise (IOCs), correlate events, identify malicious activity, and take appropriate containment steps
  • Formulate and execute a response to the incident and verify that it is contained, eradicated and systems are recovered
  • Based on the review of the process and steps taken to remediate an incident, suggest and implement improvements in the environment (such as improving technical controls) and/or improve the incident response process
  • Apply critical thinking to understand new and emerging threats, working with the Cyber Threat Intelligence and Threat Detection teams, and then build and execute the required action plan
  • Collaborate effectively with other Information Security teams such as Cyber Monitoring, Threat Intel, Forensics, Threat Detection and Vulnerability Management, as well as external teams in various lines of business, to enable enhancements in the company's security posture
  • Present security analysis, action plans and risks to different audiences (business, technical and management), adjusting the delivery accordingly using either structured presentations or ad-hoc briefings, and establish consensus
  • Establish and maintain business relationships with individual contributors as well as management
  • Participate in the review and documentation of requirements for analysing the specific threats to assist in development of new use cases to detect, report, log, track, and escalate security events
  • Augment the Incident Response team to ensure 24/7 coverage and operations. Responsibilities will occasionally require working evenings and weekends, sometimes with little or no advance notice
  • Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats

Reference: 1458807344
