Cyber Security Incident Response Analyst


As a Cyber Security Incident Response Analyst you will report directly to the Director, Security Operations
Center (SOC), and work under the daily operational control of the Incident Response Team Leader. You will be part
of a team focused on handling escalated Security Incident Response activities for the Enterprise. You
will also support any Security Event Management and remediation activities that may occur.

Together we can…

As the Cyber Security Incident Response Analyst you will be challenged to work with our partners’ and suppliers’
security resources to achieve a seamless global Security Incident Response capability. You will focus on security
incident management, ensuring that incidents are promptly and properly identified, analyzed and remediated. You will
tackle the potentially damaging and difficult attacks that a multinational organization experiences on a regular basis.

Your Responsibilities
• Participate in monitoring, triage and incident response activities, including:
  • Handling escalated security incidents from Level 1 and Level 2 Analysts (outsourced)
  • Collecting, documenting and sharing preliminary data for security incident investigators
• Contribute to our efforts to automate detection of, and response to, malicious activity
• Partner with the IT Incident Management team to ensure incident alignment is in place where needed
• Ensure comprehensive, real-time status updates and reporting to SOC Management and key stakeholders
• Standardize the initial response to basic security alerts and reports so that it can be automated
• Recommend new SIEM use cases for previously unidentified indicators
• Work with partners in IT and Engineering to improve log coverage and quality
• Identify, and help implement, improvements to our IR processes and procedures

You are...

The ideal candidate must have a passion for security, with a good understanding of adversary motivations,
cybercrime tactics and procedures, and the tools and techniques of the trade.

Qualifications
• Bachelor’s degree in Computer Information Systems or a related discipline, or equivalent experience
• 3+ years in IT / Information Security roles, including 1-3 years of Incident Response experience in a Level 1 or
higher Analyst role within a SOC
• CISSP, GIAC, CEH, or similar Information Security certification is preferred

Competencies
• Deep knowledge of IT / Information Security, tooling and processes
• Subject Matter Expert in Incident Response
• Analytical, solution- and service-oriented
• Strong teamwork and collaboration skills
• In-depth knowledge and understanding of cyber-attack vectors, malware analysis, cybercrime networks and
methodologies
• Familiarity with SIEM platforms (LogRhythm, ArcSight, QRadar, etc.) and supporting tooling (Splunk, endpoint
forensics tooling, commodity malware and APT detection platforms)
• Expertise in Endpoint Detection and Response tools (e.g. Carbon Black, CrowdStrike, FireEye Endpoint Security)
• Understanding of APT detection solutions such as FireEye, Palo Alto Traps and Cisco AMP
• Familiarity with the Microsoft platform (Windows, Office 365, Teams, Azure, etc.)
• Good written and verbal communication skills
• Available outside normal working hours when needed
