Incident Response Analyst

This is a Full Time Job

Who are we hiring?

The Incident Response Analyst is responsible for monitoring, investigating, and responding to security alerts and incidents across the organization. This role partners with internal and external teams to contain threats, remediate vulnerabilities, and restore impacted systems in a timely manner . The Incident Response Analyst also supports incident investigations, documents findings , and helps strengthen the organization’s overall security posture. The ideal candidate is an analytical problem solver who communicates effectively and thrives in a collaborative, fast-paced environment.

What will you do?
• Responsible for carrying out daily security monitoring and response procedures.
• Perform initial incident assessment, evidence gathering, and triage.
• Escalate incidents and participate in or lead remediation efforts .
• Investigate and remediate security events occurring in email, workstations, firewall and other platforms
• Document and report steps taken to resolve security events using information security runbooks and templates
• Provide feedback and recommendations for improvement of security controls and response procedures.
• Assist with expanding MDR/SIEM capabilities, including log coverage, alert development, and process improvements.
• Report weekly metrics to the Information Security Leadership .
• Collaborate with the Technology, People Practices, and Legal and Business Affairs departments to build a more secure MSG.
• Participate in On-Call rotation to remediate alerts/incidents outside regular business hours.
• Assist with managing , analyzing , and remediating phishing emails within our security platform.
• Other information security projects/ duties as assigned .

What do you need to succeed?
• Completed 60 credits of college-level coursework ( representing 2 years) or have shown similar self-development through certifications, trade school coursework, etc. , are preferred.
• 1-2 years of experience in information security and/or digital forensics involving investigating and remediating cyber events.
• Comprehend current cyber security threats such as spear-phishing campaigns, business email compromises, and back-door Trojan malware.
• Experience with Endpoint Detection and Response tools such as Carbon Black, SentinelOne and Microsoft Defender.
• Has a basic knowledge of Windows, Mac, and Linux operating systems . iOS and Android mobile devices.
• Must have experience dealing with confidential information and tact when working on sensitive investigations
• Has a basic knowledge of traditional networking (T CP/IP, DNS, DHCP, etc. ) and cloud infrastructure , such as AWS , GCP, and Azure.
• Able to document detailed investigations, remediations, and procedure changes.
• Communicates effectively with peers, partner teams, and management.
• Enjoys thinking analytically and solving problems individually and as a team.
• Possesses a passion for learning all things, information security and incident response .

Special Requirements
• Participates in On-Call rotation to ensure security incident response coverage is available 24/7/365
• Possible travel of up to 10% if onsite presence is required at the company’s other locations.