Security Analyst - Incident CommanderSeniorRemoteFull-timeA month ago

Career Path Advertising
Do You Want to Discover Your Ideal Career Path?Craft Your Own Career Path for Free!

About the job

The Cybersecurity Analyst will lead in day-to-day security operations, identifying threats and vulnerabilities, containing, and recommending corrective actions for eradication. This role will test and ensure compliance of internal and commercial offerings with security policies and standards, as well as with applicable regulations and laws. You will also perform assessments of systems and networks within the network environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. The output will measure the effectiveness of defense-in-depth architecture against known vulnerabilities. As a member of the Cyber Security Incident Response Team (CSIRT), you will be the front-line responder, combating cybersecurity threats against our Information Technology Environments/Services. You will conduct incident response activities, including advanced investigation, response, and remediation. Each member of the team will play a role in Incident Response, Forensics, Threat Hunting, and Cyber Threat Intelligence.

What will you do?

Include, but are not limited to, the following:

  • Lead on incidents response, pull on the other teams to follow up for a plan, troubleshooting, documenting properly
  • Conduct monitoring and detection analysis using cybersecurity defense tools.
  • Communication must be good and writing skills as well. Proficient with business terms.
  • The person has to communicate with managers and stakeholders, etc.
  • On incident response rotation duties - every 5 weeks or so on.
  • Correlate activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity.
  • Build and manage relationships with 3rd party SOC providers.
  • Review and assess alerts to contain any intrusions or threats.
  • Provide reports on events that occur within the environment.
  • Communicate at every level of the organization in a way that is effective for that level.
  • Test systems to understand compliance with cybersecurity policies and drive remediation, as required.
  • Stay abreast of emerging threats and vulnerabilities to assist in identification of incidents.
  • Preserve all records indicating changes made to access control lists to facilitate audits and other investigations.
  • Maintain detailed program metrics around initiative goals.
  • Participate in an on-call rotation.
  • Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork.
  • Support and comply with the company’s Quality Management System policies and procedures.
  • Maintain regular and reliable attendance.
  • Ability to act with an inclusion mindset and model these behaviors for the organization.

Qualifications

Minimum Qualifications

  • Bachelor’s degree in computer science, engineering, or related field as outlined in the essential duties; or Associates Degree and 2 years of relevant experience as outlined in the essential duties in lieu of a Bachelor’s degree; or High School Diploma/General Education Degree and 4 years of relevant experience as outlined in the essential duties in lieu of Bachelor’s Degree.
  • 5+ years relevant work experience in incident response, digital forensics, infrastructure security in a regulated environment.
  • Strong customer focus with a track record for driving delivery and operational performance improvements across an organization.
  • Demonstrated track record of rapidly responding to alerts, threatening hunting, digital forensics, threat mitigation and remediation.
  • Excellent change management and issue resolution skills with the ability to deliver results.
  • Excellent verbal and written communication skills as well as customer service and organizational skills.
  • Demonstrated ability to perform the essential duties of the position with or without accommodation.

 

Preferred Qualifications

  • Obtained or working towards industry certification/s relating to incident response/digital forensics (CISSP, GCFE, GCIH, CEH, etc.).
  • Experience in healthcare or biotech industries.

Skills

Hard Skills

  • Security

Soft Skills

  • Analysis and Problem Solving
  • Analytical Thinking
  • Detail Oriented / Quality of Work
  • Process Oriented
  • Results Oriented

Technical Skills

  • AWS