Incident Response Analyst

Gurgaon, India

Milliman

Discover your path at Milliman. Learn about our uniquely independent company culture and find opportunities in the actuarial profession, risk management, software development, marketing, and more.


Job Summary

This is a contract position within the corporate information security office (CISO) team. The position participates in the incident response management team. It works with local offices and their administrators to assist with incident triage and forensic activities, consistent with documented procedures for confirmed incidents. The position shall report to and work with the Information Security Manager, India. In addition, the position shall work with peer team members, Asia Head, Director of Operations & Security, and the corporate legal team.

Job Requirements

  • Coordinate response, escalation, tracking and analysis of incidents at remote offices
  • Analyze security events/logs and report on threats and incidents across various platforms and environments. Escalate complex cases to the Detection team and the system owners.
  • Work with IT and various business units to triage and remediate detected security incidents and alerts
  • Development of Incident Response dashboard and metrics as directed by manager
  • Management and monitoring of data loss prevention (DLP) initiatives
  • Assist in identifying and remediating gaps as identified throughout the investigation
  • Review log-based data, both in raw form and utilizing SIEM or aggregation tools

Qualifications

  • Minimum of one (1) year of combined IT and information security work experience with handling information security incident response, DLP, SIEM, etc.
  • In depth knowledge of Information Security incident handling and investigation procedures
  • Technical skills proficiency in the following areas: security information event management (SIEM), managing event analysis/correlation and related incident investigations, forensic analysis of digital evidence, network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, open-source information collection)
  • Excellent teamwork skills and the ability to successfully interface with other organizational groups
  • Candidate must be able to effectively communicate in English (written and presentation/verbal)
  • Candidate should have excellent decision making and problem-solving skills including the ability to clearly define and resolve issues.

Education & Experience

  • Bachelor’s degree in computer science (or related engineering degree)
  • Minimum of 1 year of information systems security (or cyber security) experience
  • Working knowledge of security operations: perimeter defense, forensics, incident response, SIEM, DLP, and security metrics.
  • Preferred Certifications: CEH, Security+, Certified Incident Handler (CIH)
  • Understanding of risk-based and one or more of the following frameworks: HITRUST, NIST, PCI-DSS, Sarbanes Oxley, HIPAA, FISMA, ISO, or COBIT.

 


Tags: CEH CISO COBIT Computer Science Firewalls FISMA Forensics HIPAA HITRUST IDS Incident response IPS Malware Monitoring NIST SIEM TCP/IP

Perks/benefits: Team events

Region: Asia/Pacific
Country: India
