Incident Response Analyst
About The Position
Edgewater is seeking an Incident Response Analyst to provide support to an Edgewater Federal government contract. Due to the nature of the contract and work, US Citizenship is required Responsibilities As an Incident Response Analyst, you and team will be responsible for: Manning a 24x7x365 cybersecurity operations center and responding to alerts, notification, communications and providing incident response activities such as tracking the incident, communication with stakeholders, remediation and recovery actions and reporting. Ensure reports are properly entered into the incident tracking. Expected to have knowledge of cybersecurity incidents, anomaly analysis, log analysis, digital forensics, common threat vectors and be able to comprehend reports and determine what additional action and response activities may be required to resolve an incident. Follow established SOP’s, policies and other procedures for escalation and notification of Federal Leadership and reporting. The ideal candidate must have a good understanding of Splunk SIEM.
Requirements
- BS in Computer Science, Information Management, Cyber Security, or related field (additional years of experience may be considered in lieu of education)
- 1+ years of Cyber Security experience
- Sound cyber security knowledge foundation, to include sufficient understanding of networking and application layer protocols
- Knowledge of the cyber kill chain or other frameworks
- Operational understanding of enterprise networking and security tools (firewalls, Antivirus, HIDS, IDS/IPS, proxy, WAF), Windows and Unix/Linux systems’ operations
- Knowledge of digital investigations and incident response processes, including detection, triage, incident analysis, remediation, and reporting
- Experience creating and tracking investigations to resolution
- Knowledge of information security, threats, attacks, vulnerabilities, techniques, and exploits
- Ability to troubleshoot complex alerts and investigate to discover root cause
- Strong written and verbal skills to effectively communicate at all levels in government and industry
- US Citizenship is required
Nice To Haves
- Experience in some of the following: FireEye, Microsoft Defender, Phishing reporting tools, DLP solutions, Tenable, or other scanning tools.
- Experience in working with Cloud Platforms
- Knowledge of basic Scripting and Windows PowerShell.
- Strong written and verbal skills to effectively communicate at all levels in government and industry.
Responsibilities
- Manning a 24x7x365 cybersecurity operations center and responding to alerts, notification, communications
- Providing incident response activities such as tracking the incident, communication with stakeholders, remediation and recovery actions and reporting
- Ensure reports are properly entered into the incident tracking
- Comprehend reports and determine what additional action and response activities may be required to resolve an incident
- Follow established SOP’s, policies and other procedures for escalation and notification of Federal Leadership and reporting
Benefits
- Paid Time Off & Holiday Pay
- Medical Insurance
- Dental Insurance
- Vision Insurance
- Disability, Life Insurance, and AD&D
- Flexible Spending Accounts
- Pre-Tax 401K and/or After-Tax Roth IRA (with employer matching contribution)
- Tuition and Technical Training Reimbursement
- Exercise Reimbursement
- Computer Reimbursement
- Employee Assistance Program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
