Senior Monitoring & Incident Response Analyst
Detects, prevents and responds to information threats and security breaches through technical security programs designed to protect the integrity of the organization's networks, systems, applications and data. Maintains and communicates information security policies and coordinates company-wide information security controls. Supports security administration compliance.
What Will You Be Doing?
As a Senior Security Analyst, you will lead our Information Security Incident Handling team, which is responsible for analyzing cyber security events and digging into any incident activities.
We will look for you to influence our long-term roadmap and continue to build our top-notch team of incident handling engineers.
More on the Day to Day:
- Monitor and respond to global security events utilizing state-of-the-art security tools and managed services.
- Follow established incident response procedures to ensure proper escalation, analysis and resolution of security incidents.
- Analyze and correlate incident data to develop a preliminary root cause and corresponding remediation strategy.
- Ensure timely response to incidents in order to minimize risk exposure and production downtime.
- Advise junior team members on the technical steps to take to investigate and resolve cyber security incidents.
- Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats.
- Prepare incident reports for a mixed technical and non-technical audience.
- Initiate automation as necessary to effectively manage system logs and security alert reporting.
- Apply broad security industry, technology, business and professional knowledge to contribute to policy-making and process design.
- Complete projects and tasks on an as-needed basis.
- Analytical and problem-solving skills related to networking, operating systems, and malware analysis.
- Deep technical experience in incident response and phishing attack analytics.
- In-depth knowledge of privilege escalation, persistence and lateral movement techniques.
- Technical knowledge and experience in operating system security and security best practices.
- Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, defense-in-depth and common security elements.
- Demonstrated interest in computer security, incident response, or computer forensics.
- Experience with network monitoring tools to monitor attacks/threats.
- Strong critical thinking and analytical problem-solving skills.
- Experience in securing large enterprise networks.
- Excellent written and verbal communication skills.
- Experience working with a high degree of autonomy and managing own workload.
- Experience with Tanium preferred.
- Experience with the Linux command line strongly preferred.
- Bachelor's Degree in MIS, Computer Science or a related field (preferred).
- CISSP or other relevant security certifications (preferred).