Information Security Sr Analyst-Incident Response

Job Summary

The Information security Sr. Analyst -Incident Response in the computer security incident response team will be responsible for developing and executing standards, procedures and processes to uncover, resist and recover from security incidents. This position is for an early career analyst that will learn and grow throughout their security career. This is a very technically challenging career track in cyber security and technical acumen, passion, and determination will be highlighted in the interview process.

Key Responsibilities

The role fulfills the following tasks:

• Responds to computer security incidents according to the computer security incident response policy and procedures
• Provides technical guidance to first responders for handling cybersecurity incidents
• Provides timely and relevant updates to appropriate stakeholders and decision makers
• Communicates investigation findings to relevant business units to help improve the cybersecurity posture
• Validates and maintains incident response plans and processes to address potential threats
• Compiles and analyzes data for management reporting and metrics
• Analyzes potential impact of new threats and communicates risks back to detection engineering functions
• Performs root-cause analysis to document findings, and participate in root-cause elimination activities as required
• Triages and assesses the risk of incidents, performing real-time analysis and managing workload during investigations/incidents

• Creates runbooks for frequently occurring incidents to automate or at least assist with the resolution of those cases

Management Responsibilities

Preferred Qualifications

• Candidates will be evaluated primarily on their ability to demonstrate the competencies required to be successful in the role, as described above.
• Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include:
• Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.
• Understands organizational mission, values, goals and consistent application of this knowledge
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• Ability to effectively influence others to modify their opinions, plans or behaviors
• A team-focused mentality, with the proven ability to work effectively with diverse stakeholdersStrong problem-solving and troubleshooting skills

Minimum Qualifications

• Candidate must have 5+ years of experience in incident response
• BS or MA in computer science, information security or a related field
• Familiarity with incident response frameworks and methodologies, including frameworks like NIST 800-61 and MITRE ATT&CK.
• Experience with incident response tools and technologies, including tools for security information and event management (SIEM), forensics, and/or threat intelligence even in a lab environment is beneficial.
• Experience with reporting and communicating incident details, improving incident response processes and recovering from security incidents is beneficial

All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.

Certifications

Work Environment/Physical Demands

Competencies

Salary Plan

Job Grade