Senior Enterprise Incident Analyst
Location: Atlanta, Georgia
Posted On: 9/7/2017
Job Code: 5445_SOCGA
 
Job Description
 
• Experience within a security operations environment (SOC) with emphasis on cyber security incident management, network, host and application security, intrusion detection and/or other security event analysis
• Advanced experience with log and packet analysis tools and techniques
• Working knowledge of security incident response tools, SIEM, working knowledge of Windows, UNIX/LINUX operating systems, and networking devices
• Malware Analysis: Ability to perform surface malware analysis to help understand the type of malware, properties, and basic facts from a high-level perspective.

Must Have:
• At least three (3) years of work experience in IT security or other related discipline.

Training: CompTIA Security+ and GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA) or other equivalent security certifications

Primary Responsibilities:
• Monitor and triage detected or reported incidents to identify the suspicious activity and to determine incident validity
• Prioritize and differentiate between potential attacks, intrusion attempts, and false positives
• Collect initial IOCs (indicators of compromise) and determine the scope of the compromise
• Establish the timeline of events and correlate multiple alerts related to the same incident, as necessary.
• Document and communicate incident investigation / triage results, in accordance with established reporting procedures
• Track incident investigations to resolution – work with incident responders as necessary
• Provide hands-on help to Level I and Level II Incident Analysts with tasks relating to incident investigation & triage
• Assist with onboarding training and mentoring to help raise the talent/skill level of Cyber Security Incident Analysts
• Assist with monitoring of incident queues and incident assignments to ensure the most efficient and effective incident response and resolution
• Compose cyber incident notifications and other communications, as needed.
• Respond to requests for ad-hoc reporting and research topics from management, as required
• Recommend effective process changes to enhance monitoring and triage procedures

Job Requirements

SOC, Cyber Security Incidents, Malware, Attacks, Threats
Contact Details
 
Recruiter
Sidhartha Suveny