Senior Incident Response Analyst

Job ID: BH488855

Category: Cyber Security

Specialty: Cybersecurity

The Senior Incident Response Analyst will perform remote incident response duties for the client. They will work closely with the client’s Regional Information Security Officer to react to pending, discovered, or actual incidents to assist with remediation, communicate with stakeholders according to incident response procedures, and document findings within After Action Reports, logging the incident and providing learned intelligence gathered throughout the incident lifecycle. The candidate will work with cybersecurity professionals that perform intelligence/ threat-based security assessments on critical systems, major applications, and networks to identify security risks to brief systems owners of the potential impacts of those risks to their mission. Candidates should be able to apply and understand a wide range of technical principles, theories, and concepts.


Requirements:

  • 10-15+ years' experience in the cybersecurity career field with a concentration on Incident Response

  • Bachelor's in Cybersecurity or Information Technology, or equivalent practical implementation experience

  • Preferred candidates should possess one or more of the following certifications: (ISC)2 Certified Information Systems Security Professional (CISSP), ISACA Certified Information Systems Auditor (CISA), SANS GIAC certification (e.g., GPEN or GWAPT), Offensive Security Certified Professional (OSCP), or EC-Council Certified Ethical Hacker (CEH).

  • Experience with cybersecurity incident response and assessments

  • Experience assisting in systems security analysis and assessments, including identifying risk criticalities and handling options, to inform decision making

  • Experience assisting in the development of systems security and cybersecurity strategy, system testing and evaluation, and verification and validation efforts

  • Experience analyzing PCAP data

  • Must demonstrate expert knowledge in Incident Response and one or more of the following areas: Threat Hunting, Monitoring and Detection, Cyber Intelligence Analysis, Data Loss Prevention

  • Investigate information security incidents to determine the extent of compromise to information and automated information systems; must be familiar with notable event triage, host forensics, and network analysis

  • Respond to escalated notable events from security tooling to develop and execute security controls, defenses, and countermeasures that prevent internal or external attacks or attempts to infiltrate company email, data, and web-based systems

  • Research attempted or successful efforts to compromise systems security and design countermeasures; stay educated on the latest attacker tactics, techniques, and procedures

  • Experience with vulnerability management

  • Experience working in a Security Operations Center (SOC) Environment

  • Analyze potential attack vectors, loss conditions, and unacceptable loss consequences, and propose mitigation approaches

  • Extensive knowledge and understanding of complex network environments.

  • Experience with Splunk and Microsoft Sentinel.

  • Research and develop unique, cutting-edge technical capabilities and processes for understanding, assessing, and analyzing system and technology resilience and security

  • Create, modify, or assist with authoring scripts to automate repetitive tasks, freeing up time to focus on advanced investigations and other projects

The Planet Group of Companies is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Type: Temp/Contract to Direct

Location: Remote Based