Incident Response Analyst

Role: Incident Response Analyst

Location: 90% Remote: must be within driving distance of Salisbury, NC in case they need to come in (~1x month)

Must be able to work without sponsorship

6-months contract to hire

Top 3 requirements

• 5 years of incident response experience
• MS Security Tools Suite Experience (Defender)
• SIEM

Principle Duties and Responsibilities:

· Advance and maintain incident response plan.

· Lead incident response events and activities.

· Subject matter expert responsible for managing threats, disseminating information, and handling, responding to, and investigating all incident escalations from the Tier 1 and 2 analysts.

· Point of escalation for Tier 1 & 2. Management of the incident response process if previous IR tiers could not resolve the ticket.

· Perform event investigation, post incident root cause analysis, remediation planning, capture metrics, compile and track lessons learned, document and disseminate incident report in coordination with the IR process.

· Evaluate and recommend emerging technologies within information security.

· Work independently with 3rd party providers, vendors, and other departments.

· Provide 24x7 operational support for escalations on a rotating basis.

Basic Qualifications:

· Bachelor’s degree in Information Security or related field or equivalent work experience.

· 5 year's experience in information security including incident response.

· Excellent organization, communication, collaboration, and interpersonal skills.

· Ability to communicate and present complex issues and ideas with precision and clarity, adjusting appropriately for the audience; ability to communicate effectively at all levels of the organization.

· Experience working within a large, complex corporate environment providing consulting services on large initiatives.

· Experience managing and prioritizing multiple tasks in an effective manner.

· Knowledge and understanding of network and security fundamentals, protocols, and technologies.

· Strong understanding of mitigating security controls (i.e., anti-virus, IPS/IDS, email filtering, web site blocking, patching) and how they work in an overall defense in depth risk assessment methodology.

· Understanding of Technology Platforms (Windows, Open Source, Middleware Applications, Database Applications, Cisco, Microsoft security suite)

· Understanding of incident handling.

· Experience developing and providing effective and professional presentations to all levels (including Senior Management).

Preferred Qualifications:

· Industry-recognized security, network, or other professional certifications sponsored by organizations such as SANS, ISC2, Microsoft, Cisco, and Offensive Security.

· Working knowledge MITRE ATT&CK Framework, CIS Controls, and OWASP.

· Experience managing projects, vendor management, and leading staff.

· Experience in conducting training and mentoring.

· Strong subject matter expertise in incidence response.

· Strong understanding of Information Security industry standards/best practices such as NIST.

· Strong understanding of Information Security related laws and regulations including HIPAA and PCI.

· Experience with engineering and/or architecture of technologies such as network firewalls, intrusion detection sensors, antimalware technologies, vulnerability scanning technologies, and APT prevention technologies.

· Experience developing and maintaining operational metrics.

· Knowledge of cloud computing technology (e.g. Azure, Google Cloud, AWS, etc.).

Thanks

Job Type: Full-time

Pay: $55.00 - $60.00 per hour

Schedule:

• 8 hour shift

Education:

• Bachelor's (Required)

Experience:

• incident response: 6 years (Required)
• MS Security Tools Suite: 4 years (Required)
• SIEM: 4 years (Required)

Ability to Relocate:

• Salisbury, NC 28144: Relocate before starting work (Required)

Work Location: Hybrid remote in Salisbury, NC 28144