Incident Response Analyst

About The Position

Requirements

• Bachelors Degree in Information Technology, Engineering, or a related field preferred but not required.
• 2 years working in the Information Technology or Computing Field preferred but years in other career paths considered.
• Basic understanding of security defenses (anti-virus, firewalls, access controls)
• Basic understanding of types of attacks, exploits & methods used to compromise or damage computing systems & networks.
• Basic understanding of networking & internet communications

Nice To Haves

• Security+ or similar security certification a plus
• Experience with any of the following technologies greatly preferred: Splunk Log & Event Platform (basic query & report building), Network Access Control, Vulnerability Scanning, Advanced Detection & Response Endpoint Agents, Network Packet Capture & Event Analysis, Threat Intelligence Platforms, Microsoft Patching & Device Management Platforms
• Experience with Splunk SOAR a plus
• Experience with scripting, (batch, PowerShell, python, etc..) a plus

Responsibilities

• Responsible carrying out daily monitoring & response security procedures
• Monitor IT Systems, Security alerting queues, & review daily reports
• Perform initial incident assessment, evidence gathering, & triage
• Escalate incidents, & participate in remediation efforts
• Provide feedback & recommendations for improvement of security controls & response procedures
• Communicates with peer Security/Operations teams & management with expected interactions with business users & vendors
• Assists with day-to-day security functions, respond to help tickets, requests for assistance with accessing Starr systems & software
• Splunk Log & Event Platform (basic query & report building)

Benefits

• First class training and development opportunities