Apply on Employer Site

Fox Point Recruitment LLC · 3 months ago

Senior Incident Response Analyst

United States

Full-time

Remote

Mid, Senior Level

4+ years exp

Fox Point Recruitment LLC is a recruitment company seeking a Senior Incident Response Analyst to resolve security incidents and recommend enhancements to improve security. The role involves executing the enterprise-wide Incident Response Plan, collaborating with various business units, and developing presentations for senior leadership.

Human Resources

Responsibilities

Reviews current configurations of the organization's production information systems and networks against compliance standards

Prepares the prevention and resolution of security breaches and ensure incident and response management processes are initiated

Implements and discuss security service audit schedules, review access authorization, and perform the required access controls testing to identify security shortfalls

Designs of automated scripts, contingency plans, and other programmed responses which are launched when an attack against systems has been detected

Collaborates with Information Security Architects, Information Security Engineers, and software or hardware stakeholders at Centene

Notifies internal and/or external teams according to agreed alert priority levels, escalation trees, triaging of security alerts, events, and notifications

Ties third party attack monitoring services and threat reporting services, into internal CIRT (Cyber Incident Response Team) communications systems

Performs post-mortem analysis with logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorized activities of authorized users

Performs other duties as assigned

Complies with all policies and standards

Qualification

Cloud cybersecurity experienceAWSAzure understandingIndicators of compromise (IOC)Endpoint protection softwareNetworkInfrastructure technologiesAnalytical skillsHigh level of accuracyToolsTechniquesWiz & Wiz DefendSANS certifications preferredProject management skillsDecision making skillsWork independentlyIdentify problems

Required

A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science)

Requires 4 to 6 years of related experience

4-6 years of Cloud cybersecurity experience performing incident triage and response

Intermediate-to-advanced understanding of AWS and Azure environments

Knowledge of tools, techniques, and processes (TTP) used by threat actors

Knowledge of Indicators of compromise (IOC)

Knowledge of Wiz & Wiz Defend

Experience with Endpoint protection and enterprise detection & response software (such as CrowdStrike, MS Defender, etc.)

Knowledge of Network and infrastructure technologies including routers, switches, firewalls, etc

Intermediate - Seeks to acquire knowledge in area of specialty

Intermediate - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions

Intermediate - Ability to work independently

Intermediate - Demonstrated analytical skills

Intermediate - Demonstrated project management skills

Intermediate - Demonstrates a high level of accuracy, even under pressure

Intermediate - Demonstrates excellent judgment and decision making skills

Preferred

SANS GIAC Security Essentials (GSEC), SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent, SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred