Security Response

Crowdstrike, Carbon Black, Splunk
Full Time
Up to $125,000
Work from home available

Job Description

Tier 2 Incident Analyst will coordinate the response activities for cyber security incidents across the Global company environment. The successful candidate will focus on reviewing, triaging, analyzing, and remediating cyber security incidents. The Tier 2 analyst is the escalation point for level one event analysts, and as such, will handle validated cyber security incidents, in accordance with the cyber security incident response process. The successful candidate will perform functions such as log analysis, conduct in-depth technical analysis of network traffic and endpoint systems, enrich data using multiple sources, and will be responsible for rapid handling and mitigation of cyber security incidents.

The candidate will join a team of event analysts and incident res ponders, and will have an opportunity to participate in a number of Global cyber security initiatives. Successful candidates should be familiar with incident response processes, network investigative techniques, network intrusion patterns, malware analysis, and cyber security trends and issues.

**This position requires that the candidate be a .**

1. MUST HAVE - 3-6 years’ experience working in incident response and/or other IT related fields tied to networking and enterprise information system environments.
a. Preference is true Incident Response experience, where the candidate has worked investigations related to enterprise network compromise.
2. MUST HAVE – Hands on experience with security tools
a. Splunk – advanced Splunk query language, ability to create dashboards, does not need oversight in performing Splunk searches to support an investigation
b. EDR Experience (Crowdstrike or Carbon Black) including scripting, live host analysis, extracting artifacts
c. Ability to analyze PCAPs commonly pulled for Network Defense tools
3. MUST HAVE - Good written and verbal communications skills. Tier 2 analysts have to write investigation reports which are often shared with auditors, regulators, and executive management MUST HAVE – In depth knowledge of network protocols, enterprise architecture, and common network logging functions.

NO THIRD PARTIES, NO SUB-CONTRACTORS, NO CORP to CORP

Data Resource Technologies Inc. is an Information Technology Staffing Firm serving the markets of the United States of America; the greatest country in the world. We work with Direct Clients Only and do not participate in multi layer contracts. Earn The Most Possible and put over 60 years of Information Technology Industry experience to work for you today, Call or Apply NOW!!!

Dice Id : 10124769
Position Id : Cyber Security
Originally Posted : 2 months ago
Have a Job? Post it