Incident Response Analyst @ Computerworld | Jobright.ai
172 applicants
This job has closed.

Computerworld · 2 days ago

Incident Response Analyst

Information Technology, News
Senior Management


Responsibilities

Assess cybersecurity incidents to investigate, validate, respond, and recover the environment, and perform additional activities such as root cause analysis and resilience recommendations. Serve as the primary escalation point for the SOC in the event of an incident.
Communicate and coordinate with internal and external teams during incidents and breaches.
Design, implement, and document IR processes, procedures, playbooks, and guidelines.
Participate in breach and attack simulation and purple teaming exercises to stress test the incident response plans and playbooks.
Compose and deliver executive-level reports, presentations, and postmortems for key stakeholders.
Provide relevant, strategic recommendations to help improve the security posture of an organization during and after an incident.
EDR/IDS/IPS
NDR/Network
Identity Provider (IdP) authentication policies
Email defense platforms
Integration of threat intelligence feeds with security policy enforcement points
SIEM and XDR detections
Security orchestration, automation, and response (SOAR) playbook development
Apply knowledge of monitoring, analyzing, detecting, and responding to cyber events to develop clever, efficient methods and technology to detect all types of threats.
Document specifications, playbooks, and detections - not as an afterthought, but through the whole process.
Work with developers to build security automation workflows, enrichments, and mitigations.
Evaluate policies and procedures and recommend updates to management as appropriate.

Qualification


Incident Response, Malware Analysis, Digital Forensics, Data Analysis, Penetration Testing, Information Assurance, Programming Languages, Scripting Languages, Python, PowerShell, Computer Systems, Computer Networking, Cloud Computing, Vulnerability Recognition, Exploit Identification, Malware Identification, Evidence Preservation, Policy Improvement, Emergency Response, Security Frameworks, NIST SP 800-61, SANS Security Controls, MITRE ATT&CK, OWASP Top 10, Problem-Solving, Communication, Collaboration, Curiosity, Tenacity, Adaptability

Required

Bachelor’s degree or equivalent practical experience in incident response, computer science, cybersecurity, information technology, software engineering, information systems, or computer engineering
Four or more years in an incident response role required
Malware analysis, digital forensics, data/network analysis, penetration testing, information assurance, leading incident handling preferred
Programming and scripting languages, preferably Python and PowerShell
Strong written and verbal communication skills; must be able to effectively communicate to all levels of staff up to executive-level management, customers (internal and external), and vendors
Deep understanding of computer systems and concepts, including operating systems, computer networking, cloud computing
Continually updated understanding of and ability to recognize and categorize types of vulnerabilities, exploits, and associated attacks
Continually updated understanding of and ability to identify, capture, contain, and report malware
Ability to preserve evidence integrity in keeping with standard operating procedures and/or national standards
Motivation to continually improve the incident response program and associated policies and procedures
Identification of opportunities to improve collaboration and communication with internal and external stakeholders to mitigate incidents and follow protocols
On-Call nights and weekends based on response SLA requirements
Curiosity and tenacity as related to forensic investigations and threat hunting
Ability to work effectively under pressure; previous experience as an emergency medical responder, firefighter, or related high-pressure environment preferred but not required
Willingness and experience in supporting people from a variety of backgrounds and areas across the organization
Knowledge of common attacker types and motivations (e.g., nation-state sponsored, ransomware gang, script kiddie, insider threat, etc.)
Familiarity with and experience working within security frameworks such as NIST SP 800-61, the attack lifecycle, SANS Security Controls, MITRE ATT&CK, the kill chain, and the OWASP Top 10
SANS Security 500 Series or other industry standard equivalent recommended but not required
Public Trust
Must be a U.S. Citizen

Preferred

Scripting and automation for use in SOAR is a plus
Preference given for CCE, CCFE, CEH, CPT, CREA, GCFE, GCFA, GCIH, GCIA, GIAC, Splunk Core, OSCP, SANS Security 500 Series or other industry standard equivalent

Company

Computerworld

Computerworld is a Denmark-based media source aimed at professional IT users and IT decision makers at all levels.

Funding

Current Stage
Growth Stage

Leadership Team

Ken Mingis
Executive Editor
Company data provided by crunchbase