Detection and Response Analyst

Remote Full-time Live

As part of the Incident Detection team, Detection and Response Analyst will play an essential role in supporting our 24/7 Cyber Fusion Center, monitoring and responding to alerts to help prevent and mitigate cyberattacks. Detection and Response Analyst conducts in-depth analysis of security events and requires the ability to identify indicators of compromise (IOCs), perform intrusion and root cause analysis, and proactively take actions to mitigate potential damage to our cyber ecosystem.Essential Functions: Work in 24x7 Cyber Fusion Center to provide monitoring and detection/response services. Work various 10-hour shifts, including weekends and work both day and night shifts. Shifts rotate quarterly. Leverage SIEM to query logs and correlate across multiple log sources. Detect and respond to security incidents by leveraging detection/response platforms. Triage security incidents and perform in-depth analysis using cyber threat intelligence, intrusion detection systems, firewalls and other boundary protection devices. Escalates cybersecurity events according to playbooks and standard operation procedures (SOPs). Support Incident Response efforts as needed, including providing counsel, working with the IR team, as well as other involved stakeholders within the organization and customers to drive forward remediation activities. Assist with containment and remediation of threats during incidents. Use internal ticketing system to track investigated incidents and capture relevant details. Conduct threat hunting activities based on internal and external threat intelligence. Assist with service requests from customers and internal teams. Identify, recommend, coordinate, and deliver timely knowledge to support teams. Report all information to the supervisor and upper management with updates as requested and respond to requests for information and assistance, including project progress and problems, particularly as needed to change in schedule, resources and scopes Contribute to the creation of documentation to standardize processes and procedures, including playbooks to improve internal processes and procedures. Work with team to establish repeatable and constantly improving processes. Serve as mentor and provide training to other team members as needed. Other tasks and responsibilities as assigned by leadership. RequirementsRequired Education and Experience:At least 3 years of cybersecurity experience with a focus on Incident Detection, Incident Response and/or Security Operations. BA/BS in Computer Science, Information Security, or Information Systems or equivalent related work experience. Experience interfacing with internal and external customers, providing remediation actions to non-technical audiences. Working knowledge of enterprise-level security technologies such as SIEM and ticketing systems. Experience in a highly collaborative environment with a focus on project delivery and desired business outcomes. Experience with SIEM platforms, enterprise intrusion prevention systems, endpoint detection and response tools, and other security products. Experience supporting large scale incident investigations. Experience interfacing with a variety of cybersecurity teams (such as red team, cyber threat intelligence, data loss prevention, etc). Security certifications such as: Security+, CYSA+, CASP+, GCFA, GCIH, GCFE Competencies:Strong technical background in security, network, infrastructure, cloud, applications. Knowledge of risk assessment tools, technologies, and methods. Firm grasp of networking and hacking concepts. Expertise in designing secure networks, systems, and application architectures. Knowledge around common web application attacks including SQL injection, cross-site scripting, invalid inputs, and forceful browsing. Proficient knowledge of how common protocols & applications work at the network level, including DNS, HTTP, and SMB. Proficient with SIEM technologies (Security Information and Event Management e.g., Splunk/MS sentinel or other SIEM TOOL). Detail-orientated and analytical skills. •Problem-solving skills Proficient with Microsoft Office & documentation skills (Word, Excel, PowerPoint) Originally posted on Himalayas Apply To this Job Apply tot his job Apply To this Job

Apply

Detection and Response Analyst

On the same wavelength

Consultant-Human Resources Operations-Immigration

Director, Product Design - Online Jobs

Associate Director, Influencer Marketing

Fresher Infrastructure Consultant Trainee - The Board Job ID-217 – Amazon Store

Inside Sales Rep – Healthcare (Remote)

Consultant/Senior Consultant - Healthcare Strategy & Innovation

Licensed Inside Sales Representative (Remote - Home Based Work)

Licensed Inside Sales Representative - P&C (Remote) - Now Hiring

Instructional Designer III (Position has option for remote work)

Inside Sales Representative-Remote (Part-Time, Soft Sales)

Experienced Customer Support Professional – Home Advisor Role for Top-Tier Customer Experience at arenaflex

Research Intern, Vision Foundation Model and Generative AI

Experienced Live Chat Assistant – Customer Engagement Specialist for Environmental Health & Safety Solutions at arenaflex

Experienced Data Entry Specialist – Remote Work Opportunity with arenaflex

Manager, Returns Policy and Strategy job at Wayfair in Boston, MA

Penske – PMC Freelance Photo Editor – New York

Principal Software Engineer (Backend) - Remote

Head of Consumer PR Job at Whatnot in Los Angeles

Middle School Elementary Teletherapy Speech Therapy in School Setting - Michigan

Wix Studio Developer for Art Academy