Incident Response Analyst, Senior
About The Position
Incident Response Analyst, Senior Key Role: Apply an understanding of monitoring, analyzing, detecting, and resp ond ing to cyber events and incidents in information systems and networks. Contribute to an integrated, dynamic cyber defense and leverage cybersecurity solutions to deliver cybersecurity operational services, including int rus ion detection and prevention, sit uational awareness of network int rus ions, security events, and data spillage, and incident response actions. Contribute to the development of innovative principles and ideas, work on unusually complex problems, and provide solutions that are highly creative. Handle major, high-impact incidents, generate clear, concise recommendations, and coordinate activities and professional communications across a range of stakeholders. Work closely with security teams to develop, tune, automate, and enhance network and host-based security devices, support the Security Operations Center (SOC) with managing the response to client Cyber int rus ions, perform extensive network and host triage, maintain strict chain-of-custody, analyze documentation and reports, and perform remediation, as required.
Requirements
- 5+ years of experience in cybersecurity or information technology disciplines
- 3+ years of experience with Advanced Persistent Threat ( APT ) hunting, penetration testing, digital forensics, malware reverse engineering, SOC operations, or incident response
- Experience with Incident Response tools such as SentinelOne, Splunk, or Micro sof t Defender
- Ability to adapt communications styles and messaging for professionals at all levels of leadership
- Secret clearance
- Bachelor's degree
- OSCP, CCNA-Security, CySA+, GCIH, GICSP, or PenTest+ Certification
Nice To Haves
- Ability to detect and search for MITRE ATT & CK TTPs and common attacker methodologies using PCAP data with tools such as Wireshark
- Ability to analyze Security Information and Event Management ( SIEM ) alerts to identify security issues for investigation and remediation
- Ability to profile and track malicious actors that pose a threat in coordination with threat intelligence support teams
- Ability to review and analyze security log files from various sources, including cloud, network, endpoint, or ICAM
- Ability to be self-driven, work independently, and handle multiple tasks concurrently
- TS / SCI clearance
Responsibilities
- Monitoring, analyzing, detecting, and responding to cyber events and incidents
- Contributing to cyber defense and leveraging cybersecurity solutions
- Developing innovative principles and ideas for complex problems
- Handling major, high-impact incidents and coordinating with stakeholders
- Developing, tuning, and automating network and host-based security devices
- Supporting the Security Operations Center (SOC) in managing cyber intrusion responses
- Performing network and host triage and maintaining chain-of-custody
- Analyzing documentation and reports and performing remediation
Benefits
- health
- life
- disability
- financial
- retirement benefits
- paid leave
- professional development
- tuition assistance
- work-life programs
- dependent care
- recognition awards program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
1-10 employees
