Incident Analyst - Cyber Triage and Forensics
Atlanta, United States
Mission Recruit
Mission Recruit is a woman- and minority-owned employment agency with a progressive approach to finding the right fit. As a global leader in assurance, tax, transaction, and advisory services, the client is using their technology finance products, expertise, and systems they've developed to build a better working world. That begins with a culture that believes in giving employees the training, opportunities, and creative freedom to make things better. With a foundational commitment to hiring and developing the most passionate people, whenever you join their team, however long you stay, the exceptional experience and skills learned last a lifetime.
Industry: Technology/Finance
Location: Remote
Duration: Direct Hire
Shift: 1st Shift (Eastern Standard Time)
Job Summary
The Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response. The candidate will serve as an escalation point for suspected or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response best practices, analyzing malware, identifying indicators of compromise, supporting or coordinating remediation efforts for a security incident, and developing documentation to support the security incident response process.
Experience:
- Bachelor's or Master's degree in Computer Science, Information Systems, Engineering, or a related field
- 5+ years of experience in incident response, computer forensics analysis, and/or malware reverse engineering
- Understanding of security threats, vulnerabilities, and incident response
- Understanding of electronic investigation, forensic tools, and methodologies, including log correlation and analysis, forensically sound handling of electronic data, knowledge of computer security investigative processes, and malware identification and analysis
- Familiarity with the legalities surrounding electronic discovery and analysis
- Experience with SIEM technologies (e.g., Splunk)
- Deep understanding of both Windows and Unix/Linux based operating systems
Additional Preferred Experience:
- Hold or be willing to pursue related professional certifications such as GCFE, GCFA, or GCIH
- Background in security incident response in Cloud-based environments, such as Azure
- Programming skills in PowerShell, Python, and/or C/C++
- Understanding of the best security practices for network architecture and server configuration
Responsibilities:
- Investigate, coordinate, bring to resolution, and report on security incidents as they are escalated or identified
- Forensically analyze end-user systems and servers found to have possible indicators of compromise
- Analyze artifacts collected during a security incident or forensic analysis
- Identify security incidents through 'hunting' operations within a SIEM and other relevant tools
- Interface and communicate with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions
- Provide consultation and assessment on perceived security threats
- Maintain, manage, improve and update security incident process and protocol documentation
- Regularly provide reporting and metrics on case work
- Resolve security incidents by identifying root causes and solutions
- Analyze findings in investigative matters, and develop fact-based reports
- Be on-call to deliver global incident response
Skills and attributes for success:
- Resolve security incidents by identifying root causes and solutions
- Analyze findings in investigative matters, and develop fact-based reports
- Demonstrated integrity and judgment within a professional environment
- Ability to appropriately balance work/personal priorities
What they look for:
- Demonstrated integrity in a professional environment
- Ability to work independently
- Have a global mindset for working with different cultures and backgrounds
- Knowledgeable in industry-standard security incident response processes, procedures, and life cycle
- Excellent teaming skills
- Excellent social, communication, and writing skills
Additional Benefits Info:
They offer a competitive remuneration package where you'll be rewarded for your individual and team performance. Their Total Rewards package includes support for flexible working and career development. You can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings, and a wide range of discounts, offers, and promotions.
Plus, they offer:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that's right for you
Tags: Azure C C++ Cloud Computer Science CTF Finance Forensics GCFA GCIH Incident response Linux Malware PowerShell Python Reverse engineering SIEM Splunk UNIX Vulnerabilities Windows
Perks/benefits: Career development Flex hours Health care