Incident Response Analyst
The Incident Response Analyst plays an important role in supporting day-to-day security operations and conducting information security investigations through forensic analysis of data and indicators of compromise. The analyst implements and manages security incident response procedures using a variety of tools and technologies in order to rapidly identify and respond to threats.
Who are you?
The right candidate will be a highly organized, action-oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously, with strong communication skills and a customer-focused approach that balances security needs and user experience to provide best-in-class security to the organization.
- 2-4+ years of experience in Information Security or a Network Operations Center;
- 2+ years of experience acting in a security incident response role with responsibility for analyzing and investigating alerts/threats and executing remediation
- Solid understanding of the TCP/IP protocol suite, security architecture, and endpoint security
- Understanding of core security concepts and technologies related to incident investigation
- Experience with various Operating Systems such as Windows, Mac, UNIX, Linux
- Experience documenting incident events and participating in lessons learned meetings.
- Proven track record delivering cyber security and IR services to the enterprise
- Previous experience conducting incident response analysis
- Strong communication skills including the ability to influence others, proven ability to build strong relationships with leadership, IT staff and peers
- Ability to document requirements and enhance existing processes
- GCIH, GNFA, or GCIA certification
- CISSP Certification
- Proactively analyzes alerts and data from systems and responds accordingly, including documentation and escalation;
- Participates as part of response teams during security incidents (phishing, APT, DDoS, malware, etc.) through resolution and to the lessons learned stage;
- Assists in developing tactical response procedures for security incidents;
- Solid understanding of core security technologies – Firewalls, IDS/IPS, SIEM, APT monitoring and prevention, endpoint protection;
- Participates in product selection, client evaluations, and implementations of security technologies;
- Recommends security and process enhancements to management;
- Participates in red team activities to identify risks not found by existing security tools;
- Provides recommendations on tuning and optimization of security systems, security processes, procedures and policies;
- Has excellent verbal and written communication skills and is comfortable presenting to different levels within and outside of the organization;
- Participates in team on-call rotations, if needed;
- Ability and desire to mentor and assist NOC Engineers.
What we offer:
- Attractive salary package and bonuses;
- Opportunity to work with the latest developments in the industry;
- Stay in touch with the latest technologies and trends, suggest new directions and solutions;
- Our company encourages and rewards new ideas that will benefit the working process and the company products
- The company offers a semi-flexible working schedule and supports the education of its employees