Senior Cyber Security Incident Response Analyst

Posted on Jan 11, 2022 by Request Technology

Plano, TX 75023
IT
Immediate Start
Annual Salary
Full-Time

Salary: open + bonus

Location: Plano, TX

*We are unable to sponsor for this permanent Full time role*

*Bonus Eligible*

*You will be required to provide proof of full vaccination upon hire or obtain approval of a valid medical or sincerely held religious exemption from receiving a COVID-19 vaccine prior to your start date*

A prestigious Fortune 500 company is seeking a Senior Cyber Security Incident Response Analyst who enjoys being a blue teamer: someone who is not only passionate about strengthening security posture, but also enjoys going on the offensive.

Qualifications

  • 5-7 years of Information Security or Incident Response related experience
  • Bachelor's degree in Information Security, Computer Science, Information Technology, related field or equivalent work experience
  • 2+ years of hands-on experience in at least two of the following areas: security operations, incident response, network/host intrusion detection, threat response
  • Demonstrated experience in handling security events in mission critical environments; hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests
  • Proven experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations etc.
  • Good grasp of security incident response, such as different phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IOCs), etc.
  • Experience analysing system and application logs to investigate security issues and/or complex operational issues
  • Solid understanding of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)
  • Demonstrated experience with utilizing SIEM (such as Splunk, ArcSight etc.) in investigating security issues and/or complex operational issues on Windows and Unix
  • Solid understanding of network protocols and operating systems (Windows, Unix, Linux, Databases)
  • GIAC, GCIH, CEH, CSA+, CISSP certifications
  • Threat Hunting experience
  • Experience in the financial services industry
  • Experience in Scripting, SOAR tool, Programming

Responsibilities

  • Manage security events identified from enterprise SIEM tool, Threat Intelligence, end user notifications, etc. to determine security risk and respond accordingly
  • Coordinate response, triage and escalation of security events affecting the company's information assets and activities within the Incident Response team
  • Categorize, prioritize, and normalize an event to determine whether it meets the threshold of a potential incident, and declare an incident if required, following the documented process
  • Analyze and research known indicators of compromise (IOCs), correlate events, identify malicious activity, and take appropriate containment steps
  • Formulate and execute a response to the incident and verify that it is contained, eradicated and systems are recovered
  • Based on the review of the process and steps taken to remediate an incident, suggest and implement improvements in the environment (such as improving technical controls) and/or improve the incident response process
  • Apply critical thinking to understand new and emerging threats, working with the Cyber Threat Intelligence and Threat Detection teams, and then build and execute the required action plan
  • Effectively collaborate with other Information Security teams such as Cyber Monitoring, Threat Intel, Forensics, Threat Detection and Vulnerability Management, as well as external teams in various lines of business, to enable enhancements in the company's security posture
  • Present security analysis, action plans and risks to different audiences (business, technical and management), adjusting the delivery accordingly using either structured or ad-hoc presentations, and establish consensus
  • Establish and maintain business relationships with individual contributors as well as management
  • Participate in the review and documentation of requirements for analysing the specific threats to assist in development of new use cases to detect, report, log, track, and escalate security events
  • Augment the Incident Response team to ensure 24/7 coverage and operations. Responsibilities will occasionally require working evenings and weekends, sometimes with little or no advance notice
  • Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats

Reference: 1458807344