150 - 185
7+ years in IT/Security
4+ years of experience in Cyber Incident Response: existing and emerging threats, identification of attackers' TTPs
1+ year of experience with:
- Windows log analysis and memory forensics
- Network traffic analysis
Ability to work a flexible schedule that may include shift work
- As an IR expert, you will handle the most complex events, guiding team members as necessary
- Functions as the POC for the Incident Response Managers
- Collaborates with remote Cyber-Fusion center for seamless 24x7 coverage handoffs
- Conducts host forensics, network forensics, and log analysis in support of incident response investigations
- Handles escalations from internal and external sources to quickly triage and respond to threats as needed
- Utilizes our technology platforms and security tools to conduct large-scale investigations and collect/examine endpoint and network-based evidence
- Provides technical subject matter expertise related to strategic projects and initiatives that advance the maturity and capability of the Incident Response team
- Develops and follows detailed operational processes and procedures to appropriately analyze, escalate and assist in the remediation of information security-related incidents.
- Mentors, trains, and provides feedback to other analysts to advance their skills and enable new ways of monitoring and detecting threats
- Works in a flexible environment, including shift work, as required to meet business and operational needs.
- Submits reports in a timely manner, ensuring delivery deadlines are met.
- Promotes the documenting of project progress accurately.
- Provides input and assistance to other teams regarding projects.