Job

7+ years in IT/Security

4+ year of experience in Cyber Incident Response; existing and emerging threats, identification of attackers TTPs

1+ year of experience with

• Windows log analysis and memory forensics
• Network traffic analysis

Ability to work a flexible schedule that may include shift work

• As a IR expert, you will handle the most complex events, guiding team members as necessary
• Functions as the POC for the Incident Response Managers
• Collaborates with remote Cyber-Fusion center for seamless 24x7 coverage handoffs
• Conducts host forensics, network forensics, and log analysis in support of incident response investigations
• Handles escalations from internal and external sources to quickly triage and respond to threats as needed
• Utilizes our technology platforms and security tools to conduct large-scale investigations and collect/examine endpoint and network-based evidence
• Provides technical subject matter expertise related to strategic projects and initiatives that advance the maturity and capability of the Incident Response team
• Develops and follows detailed operational processes and procedures to appropriately analyze, escalate and assist in the remediation of information security-related incidents.
• Mentors, trains, and provides feedback to other analysts to advance their skills and enable new ways of monitoring and detecting threats
• Works in a flexible environment, including shift work, as required to meet business and operational needs.

Maintaining Goals:

• Submits reports in a timely manner, ensuring delivery deadlines are met.
• Promotes the documenting of project progress accurately.
• Provides input and assistance to other teams regarding projects.