Information Security Analyst Incident Response
Monthly Salary: Not disclosed

Title: Information Security Analyst (Incident Response)

Location: Remote

Duration: Contract (Long-term)

Job Description

Project or Assignment summary:

The Information Security Analyst, Incident Response, operates across a complex IT environment encompassing traditional data centers, Software as a Service (SaaS) services, multiple cloud providers, and a diverse end-user environment. The role involves understanding the course of action to be taken when a cybersecurity incident occurs. It encompasses identifying the type of incident, containing the threat, eradication, recovery, and conducting a post-incident analysis to prevent future occurrences. Knowledge of various cybersecurity tools and best practices for incident response will be essential for successfully completing this assignment.

This role is pivotal in coordinating with internal teams, leadership, and internal IT partners to manage complex security incidents and drive long-term improvements in the maturity of our IR Program.

The ideal candidate will possess both strong technical skills and knowledge regarding traditional network and cloud security threats, while also bringing the ability to manage and communicate effectively during high-stress Security Incidents.

Essential Responsibilities

Perform in-depth analysis of security logs and telemetry from a diverse range of sources, including endpoint, network, cloud, and SIEM systems, to identify and help contain Security Incidents.

Lead and manage all phases of incident response: working with internal peers, Security Leadership, and 24x7 Managed Defense and Response providers, you will undertake and guide activities through Detection, Analysis, Containment, Eradication, Recovery, and post-incident reporting.

Participate in on-call rotation on weekdays/weekends.

Prepare comprehensive incident reports and retrospectives for executive and security-leadership audiences while managing post-incident action items to conclusion.

Mentor and guide less experienced team members in Incident handling and investigations.

Assist in driving maturity, automation, and sophistication in IR processes through use of orchestration tools, integrations, and your own subject-matter expertise.

Other duties as assigned.

Minimum Experience and Qualifications

Five (5) years of experience in blue team functions such as Security Operations, Incident Response, Threat Detection and Analysis, and/or Threat Intelligence, preferably in a large enterprise or Security Service Provider.

Proven track record of managing complex security incidents through the entire lifecycle.

In-depth knowledge of advanced threat actor tactics, techniques, and procedures (TTPs).

Availability for on-call duties and off-hours Incident Response as needed.

Demonstrated ability to lead multiple investigations or cases simultaneously.

Team member Expectations:

Regular attendance and punctuality

Potential need to work flexible hours and be available to respond on short notice.

Employment Type

Remote

Required Skills

  • IT Experience
  • Splunk
  • IDS
  • Cybersecurity
  • FIPS
  • PCI
  • NIST Standards
  • Information Security
  • Encryption
  • FISMA
  • Risk Management Framework
  • SIEM
