Security Incident Response Analyst

LaBine and Associates

San Francisco, CA
Full Time
Paid
  • Responsibilities

    THIS IS 100% REMOTE within the United States.

    Our client is an insurance company, and this role performs the first response to any hint of malicious cyber activity. Prevention, hunting, digital forensics, and program building are key to this role.

    Responsibilities:

    • Assist in leading Cyber Security Incident Response events across a wide spectrum of IT areas, including accounts, applications, physical and virtual endpoints, and cloud/networking infrastructure
    • Monitor, respond, triage, and take ownership of all security alerts across the enterprise
    • Work with the Security Vulnerability team to stay apprised of new threats
    • Assist in the implementation of new alerts and controls for improved detection capabilities
    • Collect and analyze forensic data during IR Events
    • Find anomalies and hunt threats in our large and ever-changing environment
    • Assist in maturing and growing IR program with a focus on automation and refining processes
    • Develop and continually improve incident response playbooks, procedures, and knowledge base documentation
    • Provide first level support for all security service tickets

    Required Experience:

    • At least 2 years of experience in IT Security or relevant field
    • Bachelor’s degree - Information Science, computer science, or related field preferred.
    • Excellent verbal/written communication, interpersonal and organizational skills
    • Ability to continuously improve skillset to align with changing threat landscape
    • Excellent problem-solving skills to diagnose potentially malicious technical events
    • Ability to work flexible hours with some nights and weekends if Incidents arise
    • Practical understanding of vulnerabilities, exploits, computer network intrusions, adversary tactics, exfiltration techniques, and common attack knowledge

    Extra Credit For:

    • CISSP, GIAC SANS or other relevant certifications
    • True professional IR experience in a fast-moving corporate workplace
    • Experience with collecting and analyzing digital forensics
    • Experience and knowledge with AWS, Azure and O365 Environments
    • Experience with enterprise SIEM products
    • Experience with enterprise SOAR products