IT Security Analyst
- Burlington, NC
LabCorp is recruiting a Security Analyst for a dynamic team in North Carolina.
The Security Analyst will perform responsibilities as an incident responder/controller for LabCorp's Critical Security Incident Response Center (CSIRT), performing host-based forensics, root cause analysis, and threat hunting, and serving as a technical escalation point for resources in the Security Operations Center (SOC). The analyst will also partner with Security Engineers to implement and improve technology and processes that enhance SOC monitoring, investigation, and response.
Duties include but are not limited to:
* Serve as an escalation resource for SOC analysts
* Perform Incident Response for security threats or incidents
* Work with SIEM Engineers and other security partners developing and refining correlation rules
* Work on complex tasks assigned by the SOC management
* Coordinate evidence/data gathering and documentation for Security Incident reports
* Provide recommendations for improvements to incident playbooks, procedures, and monitoring
* Provide emergency response as a member of CSIRT or as an escalation resource as part of a 24/7 on-call rotation.
Requirements:
* At least 5 years of technical experience in Information Security with at least 3 years of experience in Incident Response or Threat Hunting.
* Experience in Security Operations and Incident Response.
* Practical knowledge of networking protocols, firewalls, intrusion detection/prevention systems.
* Ability to conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats.
* Advanced knowledge using SIEM technologies for event investigation.
* College degree in related field or equivalent work experience.
* Adept at event analysis leveraging Splunk
* An experienced incident investigation and response skill set
* Moderate to Advanced knowledge of the current threat landscape (threat actors, APT, cyber-crime, etc.)
* Moderate to Advanced knowledge of malware operation, messaging and phishing
* Moderate to Advanced knowledge of modern operating systems
* Moderate knowledge of Firewall and Proxy technology
* Moderate knowledge of Data Loss Prevention monitoring
* Moderate knowledge of forensic techniques
* Experience working within a PCI, HIPAA, or SOX environment
* A security certification is preferred; such as CISSP, GCIH, GIAC or similar level
License/Certification/Education: Normally a B.A./B.S. Degree with 7+ years of experience in field.
Monday to Friday, Business days and hours