INCIDENT RESPONSE - IT SECURITY ENGINEER

Overview

depending on experience
Full Time

Skills

IT Security
Security Operations
Preventive Maintenance
Project Management
Performance Management
Business Operations
Regulatory Compliance
Network Forensics
Legal
EnCase
Forensic Toolkit
SIEM
Event Management
IDS
IPS
Intrusion Detection
Operating Systems
Microsoft Windows
Linux
OS X
Network Protocols
Analytical Skill
Attention To Detail
Python
Windows PowerShell
Scripting
Communication
Reporting
Forensics
Computer Science
Information Security
Cyber Security
GCIH
Reverse Engineering
Malware Analysis
Information Systems
CISSP
Certified Ethical Hacker
SANS
Incident Management
Digital Forensics
MIT
Military
Collaboration
Partnership
Law

Job Details

City/State:
Yonkers, New York
Grant Funded:
No
Department:
MIT - Security Operations
Work Shift:
Day
Work Days:
MON-FRI
Scheduled Hours:
8:30 AM-5 PM
Scheduled Daily Hours:
7.5 HOURS
Pay Range:
$107,328.00-$134,160.00

Job Summary:

The Incident Response Analyst is responsible for responding to cybersecurity incidents, conducting in-depth malware analysis, and using forensic tools to investigate and mitigate threats. This role involves identifying and analyzing security incidents, determining their impact, and implementing corrective actions to safeguard the organization's information systems. The Incident Response Analyst works closely with Incident Response Engineers, Threat Detection Analysts, and other cybersecurity teams to ensure a coordinated and effective response to security threats.

Key Responsibilities:

Monitor security alerts and notifications from various security tools to identify potential incidents.

Respond to security incidents by following the organization's incident response procedures.

Perform initial triage of security incidents, including assessing the scope, severity, and potential impact.

Collaborate with other teams to contain and mitigate incidents, ensuring minimal disruption to business operations.

Document all actions taken during the incident response process in detailed incident reports.

Analyze suspicious files, emails, and URLs to determine whether they contain malware.

Perform dynamic and static malware analysis to understand the behavior and functionality of malicious code.

Identify indicators of compromise (IOCs) associated with malware and develop detection signatures for review by Incident Response Engineers.

Reverse-engineer malware to uncover its components, behavior, and potential impact on the organization.

Provide recommendations for remediation and protection against similar threats in the future.

Utilize digital forensic tools to investigate compromised systems and identify the root cause of incidents.

Collect, preserve, and analyze digital evidence in compliance with legal and regulatory requirements.

Conduct memory, disk, and network forensics to uncover the extent of an attack and the methods used by the attacker.

Assist in post-incident investigations, including gathering evidence, preparing forensic reports, and supporting legal actions if necessary.

Communicate findings, analysis results, and recommendations to technical and non-technical stakeholders.

Participate in incident post-mortem meetings to review the effectiveness of the incident response process and identify areas for improvement.

Maintain and optimize the tools used for incident detection, malware analysis, and forensic investigations.

Stay current with the latest developments in cybersecurity tools, techniques, and best practices.

Contribute to the development and refinement of incident response playbooks and procedures.

Required Skills and Knowledge:

Strong understanding of cybersecurity concepts, including threat detection, malware analysis, and digital forensics.

Proficiency in using malware analysis tools such as IDA Pro, OllyDbg, and Ghidra.

Experience with forensic tools like EnCase, FTK, Autopsy, and Volatility.

Familiarity with SIEM (Security Information and Event Management) systems, IDS/IPS (Intrusion Detection/Prevention Systems), and EDR (Endpoint Detection and Response) solutions.

Knowledge of operating systems (Windows, Linux, macOS) and network protocols.

Ability to analyze complex security incidents, determine the root cause, and implement effective remediation strategies.

Strong analytical skills to dissect and understand the behavior of malware.

Attention to detail in forensic investigations to ensure accurate and reliable results.

Experience with scripting languages (e.g., Python, PowerShell) for automating malware analysis and forensic tasks.

Ability to develop custom scripts to enhance incident response capabilities.

Excellent written and verbal communication skills, with the ability to document incidents and communicate technical details to diverse audiences.

Strong reporting skills, including the ability to create detailed and actionable forensic and incident response reports.

Required Experience:

Experience: 3-5 years in cybersecurity, with a focus on incident response, malware analysis, and digital forensics.

Experience in Incident Response: Hands-on experience in detecting, responding to, and mitigating security incidents.

Experience in Malware Analysis: Proven expertise in analyzing and reverse-engineering malware.

Experience in Forensics: Extensive experience using forensic tools to investigate security breaches and conduct post-incident analysis.

Education:

Associate's degree or equivalent experience in Computer Science, Information Security, Cybersecurity, or a related field.

Preferred: Bachelor's Degree in Cybersecurity or related discipline.

Certifications (Preferred but not required):

GIAC Certified Incident Handler (GCIH)

GIAC Reverse Engineering Malware (GREM)

Certified Information Systems Security Professional (CISSP)

Certified Forensic Computer Examiner (CFCE)

Certified Ethical Hacker (CEH)

SANS FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics


Montefiore Health System, Inc. is an equal employment opportunity employer. Montefiore Health System, Inc. will recruit, hire, train, transfer, promote, layoff and discharge associates in all job classifications without regard to their race, color, religion, creed, national origin, alienage or citizenship status, age, gender, actual or presumed disability, history of disability, sexual orientation, gender identity, gender expression, genetic predisposition or carrier status, pregnancy, military status, marital status, or partnership status, or any other characteristic protected by law.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
