Cybersecurity Incident Response Triage IR Analyst

About The Position

Requirements

• US Citizenship required
• Excellent communication skills and knowledge in incident response lifecycles, common cyber-attacks, insider-threat indicators and warnings, data loss prevention and detection mechanisms, and federal incident reporting requirements.
• Excellent communication (written and oral), attention to detail and interpersonal skills
• Experience presenting complex technical information to decision makers and leading them through the decision making process
• Work independently to deliver timely solutions without direct supervision
• 1-2 years experience in information security, or other equivalent combination of education or equivalent work experience.
• 1 year(s) of experience performing event and log analysis including one or more of the following: Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Data loss prevention tools and other security tools found in large enterprise network environments; along with experience working with Security Information and Event Management (SIEM) solutions.

Nice To Haves

• SANs GIAC Certifications including but not limited to: GCED, GCLD, GCIH, GCFA, GREM; CISSP, Security +

Responsibilities

• Actively monitor and respond to cybersecurity incidents related to alerted policy violations
• Analyze and investigate incidents to determine their nature and scope.
• Coordinate with the lead and other Cybersecurity Incident Response Teams for effective incident resolution.
• Document incidents and response activities in detail.
• Stay updated with the latest cybersecurity threats and trends.
• Assist in developing and refining incident response strategies and procedures.
• Collaborate with operations teams, legal, human resources and management to investigate security issues and interview investigation subjects to determine true and false positives.