Cybersecurity Senior Incident Response Analyst

Job Summary

Required Qualifications

• Minimum of 3 years of experience working in information security with a focus on SOC analysis and incident response
• Understanding of TCP/IP networking including routing, switching, and protocols such as HTTP(S), DNS, DHCP, SMTP, and FTP
• Familiarity with network security technologies such as firewalls, proxies, and VPNs; knowledge of email security technologies and protocols
• Knowledge of security threats, attack methodologies, and mitigation strategies (phishing, port scanning, web app attacks, DDoS, lateral movement)
• Experience performing log analysis using SIEM tools and packet capture (PCAP) analysis
• Knowledge of Windows and Linux operating systems and how to investigate for signs of compromise
• Experience with file analysis tools and malware analysis techniques (dynamic/static analysis) to extract indicators and write reports
• Experience with cloud technologies and platforms; understanding cloud security architecture and attacker utilization
• Ability to demonstrate structured analytical approach to investigating alerts and documenting findings for peers and executives
• Appreciation of interconnections with other cyber security teams (forensics, threat intel, pentesting, vulnerability management, red team)
• Willing to work a shift pattern that includes weekend work