Security Analyst (Senior)

JOB DESCRIPTION
Considered an expert level security specialist. Manages very complex or multiple projects. Considered an expert and provides advice in their field influencing the thinking of others. Participates and supports all aspects of the project life cycle; from the initial kickoff through the requirements analysis, to implementation, and operational handoff. Takes a leadership position in the design of infrastructure solutions based on the requirements, architectural roadmap and guiding principles. Key deliverables include the detailed design documentation, specifications, decision recommendations and impact assessments. Consulting on projects with regard to security including costs, work packages estimation and dependency identification. Ensures the security design is implemented appropriately by the implementation team and revisions to configuration specifications are reviewed, approved, and documented.
__________________________________________________________________
The Senior Digital Forensics and Incident Response (DFIR) Specialist position reports to the Manager of Cybersecurity Defense & Response. As a Senior DFIR Specialist, you will play a critical role in our cybersecurity team, helping to protect our organization against digital threats and responding to incidents with the highest level of expertise and precision. In collaboration with business partners and teams across Information Systems (IS), you will be responsible for identifying and responding to cyber security incidents, ensuring appropriate threat mitigation, and continuously improving our detection and response capabilities.
Responsibilities
Lead and coordinate the incident response team in handling cybersecurity incidents, including data breaches, malware infections, insider threats, and other security breaches.
Conduct comprehensive digital forensics investigations to identify the origin, extent, and impact of security incidents. Ensure all forensic procedures adhere to industry best practices and legal requirements.
Analyze and interpret log data, network traffic, and other sources of information to identify items that can be automated and signs of potential security threats or compromise.
Proactively monitor systems for suspicious activities and take necessary actions to mitigate threats.
Prepare detailed reports on incidents, investigations, and security risks, providing clear and actionable recommendations for improvements.
Collaborate closely with cross-functional teams, including IT, legal, and compliance, to ensure a cohesive approach to incident response and compliance with relevant regulations.
Remain up to date with the latest industry trends, threat landscapes, malware trends, attack techniques, and emerging technologies to continuously enhance your skills and knowledge.
Provide guidance and mentorship to members of the Defense and Response team.
Effectively communicate threat information and system status to leadership and stakeholders.
Participate in projects related to the deployment of IS Cybersecurity operations tools and practices.
Participate in Tabletop exercises related to Incident Response and Business Continuity. Desired Qualifications
In-depth knowledge and experience in performing forensic investigations, both on-premises and in the cloud, utilizing a wide array of Cybersecurity tools.
Excellent communication and leadership abilities, enabling you to collaborate effectively with diverse teams and guide them through incident response processes.
Demonstrated ability to identify requirements/needs, assess solutions and provide recommendations.
Exceptional problem-solving skills, with the ability to analyze complex challenges and provide innovative solutions.
Experience in organizations that support SCADA networks, pipeline operations, and Industrial Plant Control systems is a plus.