Responsibilities

📍Investigate alerts, triage, deep dive, and come up with proper action items and remediation plans. 📍Perform host-based analysis, artifact analysis, and malware analysis in support of security investigations and incident response. 📍Coordinate investigation, containment, and other response activities with business stakeholders and groups. 📍Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement. 📍Recommend or develop new detection logic and tune existing sensors/security controls. 📍Work with security solutions owners to assess existing security solutions ability to detect/mitigate the abovementioned TTPs. 📍Creating custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against the company network.

Minimum Requirements

📍4+ years experience working in an Incident Response/Cyber Security Operations Center (in-house or outsourced) creating, escalating, and managing security incidents and creating incident reports. 📍Managing low to high-risk cybersecurity events, alerts, and incidents, event monitoring, and analysis, and responding to and escalating IT/DevOps security events and threats and vulnerabilities. 📍Collaborating with stakeholders to drive incident response and remediation. 📍Development of common runbooks for most frequent or critical incident types.