| Title: | IT Security Analyst, Incident Response |
| Job Location: | Winston-Salem, North Carolina - United States |
| Salary: | $60,000.00 - $90,000.00 - US Dollars - Yearly |
| Employer Will Recruit From: | Local |
Contract-to-hire opportunity with a prominent technology/analytics company in Winston-Salem. No visa sponsorship available, local candidates HIGHLY preferred.
The Incident Response Analyst is responsible for identifying and responding to cyber security incidents. This individual will be qualified to perform intrusion investigation and the methodical incident response necessary to accomplish the active defense goals of the organization. They will demonstrate intelligence-driven incident response by analyzing all the available data, operationalizing information gathered from investigative procedures, and contributing intelligence to members of the security team to improve network defense.
• Bachelor's degree in Computer Programming, Computer Science, or Information Systems AND/OR
• Generally requires 3-5 plus years of related work experience or an equivalent combination of education and experience.
• Strong analytical and problem-solving skills.
• Excellent verbal and written communication skills.
• Security certification(s) such as Linux+, Microsoft MCSA, EC-Council CEH and/or CompTIA Security+ are desirable.
• Experience with core security tools, such as QRadar, EPO, F5, ADFS, Check Point, etc. is desirable.
• Ability to effectively manage multiple concurrent activities, while understanding and managing priorities
• Demonstrated flexibility, initiative, judgment and discretion
• Willingness to learn new tools, processes, technologies
• Ability to follow established processes
• Experience with cyber kill chain and IT security frameworks (NIST, Critical Security Controls, MITRE ATT&CK, Diamond Model, Cyber Kill Chain)
• Knowledge of network security tools/solutions deployed in environment (end-point agents, SIEM, FWs, VPNs, web security, IPS, email security)
• Can conduct host and network analysis, log analysis, and malware triage in support of incident response investigations
• Thorough understanding of network protocols
• Can identify attacker TTPs and IOCs and apply to current and future investigations
• Can interpret the results of automated malware analysis services (logical and technical understanding of malware behaviors)
• Can effectively communicate investigative findings to stakeholders
• Basic Sys Admin skills (Win, Mac, Linux)
• Basic programming/scripting skills (Python, PowerShell, Bash), can build scripts to enhance the incident investigation process
• Intermediate security knowledge and skills (Network+, Security+, GSEC, GCIH, GCFA)