Incident Response/IT Security Analyst

in Winston-Salem, NC

Job #:275622

Practice Area: IT

Date Posted: 07/09/2019


Job Title:  Incident Response /IT Security Analyst
Location:  Winston-Salem, NC

Terms:  Contract-to-Hire

Requirements:  malware, TTPs, IOCs, forensic artifact handling, Insider threat support

Incident Response Analyst/IT Security Analyst Job Summary:

The Incident Response Analyst is responsible for identifying and responding to cyber security incidents. This individual will be qualified to perform intrusion investigation and the methodical incident response necessary to accomplish the active defense goals of the organization. They will demonstrate intelligence-driven incident response by analyzing all the available data, operationalizing information gathered from investigative procedures, and contributing intelligence to members of the security team to improve network defense.

This position is 100% technical.

Incident Response Analyst/IT Security Analyst Job Responsibilities:

  • Work with the Security Team to understand applicable Security policies and how they can be supported by existing core security tools, for monitoring, alerting, and identification of potential security anomalies.
  • Perform administrative tasks for core security functions, such as firewall, VPN, Malware detection, Intrusion Detection and Prevention, Identity Management, Security Information and Event Management (SIEM)
  • Create reports and monitor activities on core security tools
  • May configure, performance tune, and upgrade core security tools
  • Run recurring scans of systems, feed scan findings into the remediation tool, and deliver on-request scans of systems and applications.
  • Respond to audits by providing requested evidence, as needed
  • Identify and respond to information security-related incidents
  • Conduct forensic artifact handling and analysis, adversarial TTP analysis, automated malware analysis, and insider threat support
  • Demonstrate proper understanding of the incident response cycle and subsequent steps within each appropriate phase to ensure proper identification, comprehensive response, and effective handling of security incidents threatening the environment.
  • Coordinate with SOC analysts to identify security alerts in a responsive manner and collaborate with security engineers to maintain visibility of necessary data feeds
  • Contribute to the prevention of such incidents by operationalizing threat intelligence to develop monitoring and detection strategies


Incident Response Analyst/IT Security Analyst Job Requirements:

  • Security certification(s) such as Linux+, Microsoft MCSA, EC-Council CEH and/or CompTIA Security+ are desirable.
  • Experience with IT security and intrusion-analysis frameworks (NIST, CIS Critical Security Controls, MITRE ATT&CK, Diamond Model, Cyber Kill Chain)
  • Knowledge of network security tools/solutions deployed in environment (end-point agents, SIEM, FWs, VPNs, web security, IPS, email security)
  • Can identify attacker TTPs and IOCs and apply to current and future investigations
  • Can interpret the results of automated malware analysis services (logical and technical understanding of malware behaviors)
  • Can effectively communicate investigative findings to stakeholders
  • Basic SysAdmin skills (Win, Mac, Linux)
  • Basic programming/scripting skills (Python, PowerShell, bash); can build scripts to enhance the incident investigation process
  • Intermediate security knowledge and skills (Network+, Security+, GSEC, GCIH, GCFA)
  • Experience with core security tools, such as QRadar, ePO, F5, ADFS, Check Point, etc. is desirable.
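The scripting requirement above (Python, PowerShell or bash scripts that speed up an investigation) and the expectation that IOCs are applied to current and future investigations can be illustrated with a small Python sweep that pulls observables (IPs, domains, SHA-256 hashes, usernames) out of log lines and matches them against an indicator list, reporting which lines hit so an analyst can pivot from there. This is an added example, not code from the posting or the employer; the indicator set and the log lines are constructed for illustration and the field formats (src=, dst=, user=, sha256=) are assumptions.

```python
"""Match threat-intelligence indicators (IOCs) against log lines.

Added example of the kind of investigation helper the posting describes.
Indicators, log lines and field formats below are constructed, not real.
"""
import re
from collections import defaultdict

# Constructed indicator set: observable type -> set of known-bad values.
# Hashes and domains are stored lowercase so matching is case-insensitive.
INDICATORS = {
    "ip":     {"198.51.100.23", "203.0.113.7"},
    "domain": {"update-check.example.net"},
    "sha256": {"ab" * 32},          # hypothetical dropper hash
    "user":   {"svc_backup"},       # insider-threat watchlist account
}

# Regexes that pull candidate observables out of a free-form log line.
PATTERNS = {
    "ip":     re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "domain": re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I),
    "sha256": re.compile(r"\b[0-9a-f]{64}\b", re.I),
    "user":   re.compile(r"(?<=\buser=)[A-Za-z0-9_.-]+"),   # assumed key=value form
}
CASE_INSENSITIVE = {"domain", "sha256"}   # usernames keep their case


def extract(line):
    """Return {type: set(values)} of every observable candidate in one line."""
    found = {}
    for kind, rx in PATTERNS.items():
        vals = {m.lower() if kind in CASE_INSENSITIVE else m for m in rx.findall(line)}
        if vals:
            found[kind] = vals
    return found


def match_line(line, indicators=INDICATORS):
    """Return a sorted list of (type, value) indicator hits for a single line."""
    hits = []
    for kind, vals in extract(line).items():
        for value in sorted(vals):
            if value in indicators.get(kind, ()):
                hits.append((kind, value))
    return sorted(hits)


def sweep(lines, indicators=INDICATORS):
    """Scan many lines; return {(type, value): [1-based line numbers]} for pivoting."""
    hits = defaultdict(list)
    for number, line in enumerate(lines, 1):
        for kind, value in match_line(line, indicators):
            hits[(kind, value)].append(number)
    return dict(hits)


# Constructed sample log lines (firewall, DNS, endpoint agent); not real data.
SAMPLE_LOGS = [
    "2019-07-09T13:02:11Z fw01 action=allow src=10.0.4.17 dst=198.51.100.23 dport=443",
    "2019-07-09T13:02:12Z dns01 query=update-check.example.net client=10.0.4.17",
    "2019-07-09T13:05:40Z edr host=WS-0413 user=jdoe file=report.pdf sha256=" + "cd" * 32,
    "2019-07-09T13:06:01Z edr host=WS-0413 user=svc_backup file=drop.exe sha256=" + "ab" * 32,
    "2019-07-09T13:07:55Z fw01 action=allow src=10.0.4.17 dst=192.0.2.10 dport=80",
]


if __name__ == "__main__":
    # Report each indicator hit with the lines it appeared on, for triage.
    for (kind, value), lines_hit in sorted(sweep(SAMPLE_LOGS).items()):
        print(f"{kind:7} {value:45} lines {lines_hit}")
```

Line 4 of the sample hits on both the watchlisted account and the hash, which is the kind of overlap that turns a single alert into a pivot point; a candidate like `report.pdf` is extracted as a domain-shaped token but produces no hit because it is not in the indicator set, so false positives come only from the feed, not the extractor.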

Incident Response Analyst/IT Security Analyst Key Words:

  • Malware
  • TTPs
  • IOCs
  • forensic artifact handling
  • Insider threat support

Frequently Asked Questions:

  • Benefits?  Yes, provided by ettain group / Yes, provided by the client
  • Remote Workers?  Sits on site, but has the potential to be partially remote after first few months.
  • Visa Sponsorship?  Not offered
  • Corp-to-Corp?  Not eligible

