Security Incident Analyst

• Perform real-time cyber defense incident handling tasks (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation)
• Conduct security triage to identify and analyze cyber incidents and threats
• Actively monitor networks and systems for cyber incidents and threats
• Conduct risk analysis and security reviews of system logs to identify possible cyber threats
• Conduct analysis and review, and/or apply network scanners, vulnerability assessment tools, network protocols, internet security protocols, intrusion detection systems, firewalls, content checkers and endpoint software
• Collect and analyze data to identify cyber security flaws and vulnerabilities and make recommendations that enable prompt remediation
• Develop and prepare cyber defense incident analysis and reporting
• Define and maintain tool sets and procedures
• Develop, implement, and evaluate prevention and incident response plans and activities, and adapt to contain, mitigate or eradicate effects of cyber security incident
• Provide incident analysis support on response plans and activities
• Conduct research and development on cyber security incidents and mitigations
• Create a program development plan that includes security gap assessments, policies, procedures, playbooks, and training manuals
• Review, develop and deliver relevant training material

• Knowledge of Security Tools:
• Hands-on experience with security technologies such as SIEM (Security Information and Event Management).
• Experience with IDS/IPS (Intrusion Detection/Prevention Systems), firewalls, endpoint detection and response (EDR) tools, and antivirus/antimalware solutions.
• Understanding of Attack Techniques:
• Familiarity with cyberattack tactics, techniques, and procedures (TTPs) such as phishing, malware, ransomware, and denial-of-service (DoS) attacks.
• Knowledge of threat hunting and techniques for identifying hidden threats within networks.
• Incident Response Tools:
• Proficiency in incident response tools and techniques, such as log analysis, traffic analysis, and forensic tools.
• Ability to use tools for memory analysis, file integrity monitoring, and network packet capture.
• Operating System Proficiency:
• Strong knowledge of Linux and Windows operating systems and their security models.
• Scripting and Automation:
• Familiarity with scripting languages like Python, PowerShell, or Bash for automating tasks and performing quick response actions.

• Incident Documentation and Reporting
• Experience in documenting security incidents and creating post-incident reports, providing detailed root cause analyses, and recommending preventive measures.
• Ability to perform post-incident analysis to improve detection and response times.

Please note: Our intelligent job search engine discovered this job and republished it for your convenience.
Please be aware that the job information may be incorrect or incomplete. The job announcement remains the property of its original publisher. To view the original job and its full details, please visit the job's URL on the owner’s page.