Address
Form of workJob Type
Full-time
Description
JOB TITLE: Incident Response AnalystORGANIZATIONALUNIT:InformationTechnology
REPORTS TO: Chief Information Security Officer
SALARY RANGE: $45,000 - $80,000
FLSA: Exempt
**ALL FULL TIME POSITIONS:Your salary also includes Medical, Dental and Vision Insurance. The Biweekly deduction from employee paycheck is $40.00 for Employee Only, $95.00 Employee plus Children, $120.00 Employee plus Spouse, $140.00 Employee plus family. **
JOB SUMMARY:
Serve as a first-tier responder for security incidents, including any unusual activity detected or suspected, in accordance with established incident handling procedures. Provide written incident reports to designated officials and cooperate with law enforcement as required. Take appropriate steps to validate suspected incidents and assess recommended countermeasures.
DUTIES:
• Perform all phases of Incident Response life cycle: preparation, analysis, containment, eradication, remediation, recovery, and post-incident activity
• Create, develop, maintain, and execute IT security policies, plans, and procedures; implement data network security measures; conduct security incident handling; support COOP/DR plans, and perform certification of networks.
• Complete threat hunting in both on-premises and cloud environments.
• Define, document, test, and manage Incident Response processes: document processes and procedures in the form of playbooks and reference points
• Create, develop, maintain, and execute security Incident Response policies, identify the need for changes based on new security technologies or threats, test and implement new policies and establish measures to ensure awareness and compliance.
• Evaluate external threat intelligence sources related to zero-day attacks, exploit kits and malware to determine organizational risk and improve threat detection by incorporating into detection tools.
• Conduct forensics: host-based disk and memory as well as network; analyze to determine root cause and impact.
• Communicate complex technical requirements to nontechnical personnel, prepare and present briefings on complex/controversial issues.
• Develop security monitoring by using cases and supporting content for security tools such as dashboards, alerts, reports, rules; including but not limited to the configuration and monitor security information and event management (SIEM) platform for security alerts
• Ability to attain IT-related certifications as needed.
• Other duties as assigned
MINIMUM QUALIFICATIONS FOR CONSIDERATION:
• To perform this job successfully, the individual must be able to perform each essential duty satisfactorily:
o Ability to organize and manage multiple priorities.
o Solid understanding of network and system intrusion and detection methods; examples of related technologies include, Splunk, Next Generation Endpoint Protection Platforms(Sophos EDR), Security information and event management (SIEM), hacking tools techniques and procedures
o Experience with coding and analytics, malware analysis, endpoint lateral movement detection methodologies and host forensic tools
o Articulates a strategy, an idea, or thought in a clear and appropriate manner, both verbally and in writing.
o Ability to respond to inquiries or complaints from customers, regulatory agencies, or members of the business community.
o Must exhibit excellent interpersonal skills and the ability to work with all levels of user expertise.
o Must be professional in presentation and appearance during all customer contacts.
o Strong organizational skills.
o Ability to prioritize activities and multitask.
o Must possess a valid driver license and be able to travel locally as needed.
o Ability to work at times with minimal supervision.
PHYSICAL REQUIREMENTS:
• Ability to sit for extended periods of time performing repetitive work at the computer. Ability to regularly lift and/or move up to 10 pounds, frequently lift and/or move up to 25 pounds, and occasionally lift and/or move up to 50 pounds. Some bending and stretching.
WORKING CONDITIONS:
• Normal office environment
Note: The above statements are intended to describe the general nature and level of work performed by an employee in this position. These statements are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of employees in this position.
