Senior Incident Response Analyst
United States-Remote
ConnectWise
Software tools, services, and a community of peers to help MSPs grow and manage their business. Get RMM, UMM, SOC, NOC, Cybersecurity - all in one integrated platform. ConnectWise is the world's leading software company dedicated to the success of IT Solution providers. As a company our vision is to power a thriving IT ecosystem that transforms what's possible for SMBs. How we do this is by empowering IT solution providers with unmatched software, services, and community to achieve their most ambitious vision of success.
ConnectWise provides a work environment where each colleague is valued for their perspectives, skills and talents, is treated respectfully, can communicate openly and is encouraged to develop to their full potential as a contributor to the success of the company and the communities we serve. We value our colleagues and offer a competitive benefits package including medical, retirement investment plans, flexible time away, community volunteer opportunities, master’s assistance program and colleague recognition programs.
General Summary:
The Senior Incident Response Analyst plays an integral role in the protection of the ConnectWise brand and its assets. This position will be a vital member of the Information Security organization, operating within the Security Operations Center and the Incident Response teams. You will be part of our global incident detection and response program and will assist the Director of Incident Response with triage, analysis, and investigations as needed. You will be part of a team responsible for security monitoring, detection and response, security incident management, security detection engineering, and security data science.
Essential Duties and Responsibilities:
- Monitor and respond to security events and incidents using established processes, creating processes and procedures where none exist
- Enforce security policies and procedures by administering and monitoring security profiles
- Monitor security events in the SIEM and other security feeds, then take appropriate action based on the company security policy
- Perform detailed analysis of various security event sources (FW, IDS, PROXY, AD)
- Participate in cyber war-gaming exercises incorporating multiple business line scenarios
- Assist in the development of advanced capabilities necessary to monitor and detect indicators of compromise using security scripts, tools and services
- Stay abreast of the latest information security controls, practices, techniques and capabilities in the marketplace
- Provide project support for tasks to integrate security platforms, and ongoing tuning support for existing technology
- Apply technical acumen and analytical capabilities to improve efficiency and effectiveness of response
- Conduct root cause analysis to identify gaps and make recommendations
Knowledge, Skills, and/or Abilities Required:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Participation in an on-call rotation for escalations, including weekends
- 3+ years of relevant hands-on cybersecurity experience dealing with incident detection and response
- 2-3 years of virtual threat tracking or familiarity with current threat groups and TTPs
- Ability to conduct multiple activities and events simultaneously, with a strong ability to prioritize multiple tasks and respond to high-priority events
- Ability to work independently and collaboratively with teams that are geographically distributed
- Strong communication skills, with the ability to prepare and present well-written papers, briefings and other materials to leadership across the enterprise
Educational/Vocational/Previous Experience Recommendations:
- Bachelor’s degree in computer engineering / computer science or equivalent work experience
- Possess current security certifications (e.g. CISSP, CISM, CEH, Security+ or SANS certification or equivalent)
Working Conditions:
- Remote position
- Professional office environment
- 0-10% travel required
ConnectWise is an Equal Opportunity Employer, dedicated to building a diverse and inclusive workforce and providing a workplace free from discrimination and harassment. ConnectWise provides equal employment opportunities to all employees and applicants without regard to race, ethnicity, color, religion, age, sex (including pregnancy), sexual orientation, gender, gender identity or expression, ancestry, national origin, citizenship status, physical or mental disability, genetic information, military/veteran status, marital status, familial or parental status, or any other characteristic or status protected by applicable federal, state and local laws.
The statements above are intended to describe the general nature and level of work being performed by individuals assigned to this job. Other duties may be assigned as needed. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions of the job and/or to receive other benefits and privileges of employment. If you need a reasonable accommodation for any part of the application and hiring process, please contact us at talentacquisition@connectwise.com or 1-800-671-6898.
Perks/benefits: Career development, Flex hours, Flex vacation, Team events