Cyber Security Incident Response Analyst
Equifax
Alpharetta, GA, United States
Job Title:
Cyber Security Incident Response Analyst
Position Summary:
As a critical team member of the Equifax Security Incident Response Team, you will drive our incident response and analytic capabilities, positioning the Team to become more capable of handling today's security challenges. The Incident Response Analyst will possess technical knowledge and experience in incident response, threat hunting, network and system monitoring, and malware analysis, and will have performed cyber-incident-related digital forensics. The Incident Response Analyst will be involved in a robust assortment of security projects that support the Global Security team.
The Incident Response Analyst helps ensure Company, system, and data preservation by performing immediate, effective, skillful and comprehensive response to global computer security incidents, and contributes to the prevention of such incidents by engaging in threat hunting, proactive threat modeling, incident trend analysis, and developing monitoring and detection strategies.
Join the Equifax security team and enjoy a career with some of the best and brightest professionals in the market.
Additional responsibilities of the Cyber Security Incident Response Specialist include:
• Provide tiered technical resolution for security incidents and SOC service requests with an emphasis on Tier 3 and greater
• Conduct host and network analysis, log analysis, and malware triage in support of incident response investigations
• Formulate and lead threat hunting missions.
• Recognize and collect attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
• Build scripts, tools, or methodologies to enhance incident investigation processes
• Effectively communicate investigative findings and strategy to stakeholders including technical staff, executive leadership, and legal counsel
• Recommend remediation plans in response to incidents
• Perform analysis of complex datasets to produce relevant intelligence products
• Support internal investigations and identify security gaps and strategies
• Identify new attack TTPs and recommend mitigation techniques
• Decipher abnormalities in various log formats, with a primary focus on the internal threat landscape
• Ability to follow established processes and to improve as needed
Required Skills of the Cyber Security Incident Response Specialist:
• Minimally 3 years’ experience in a hands-on Security Incident Response role
• Lead and provide guidance for Incident Response containment and remediation activities
• Knowledge of tools used for network security (DLP, NIPS, HIPS, AV, Firewalls, etc.)
• Strong knowledge of Unix and Windows operating system functionality
• Proficient in varied and diverse log analysis
• Thorough understanding of network protocols
• Ability to work or be on-call during off hours
• English language proficiency
Core Competencies of the Cyber Security Incident Response Specialist:
• Strong research, analytic, writing and briefing skills
• Ability to effectively manage multiple, concurrent activities, while understanding and managing priorities, dependencies and risk
• Expert capabilities to research, create, develop and deliver professional briefings, multimedia presentations, and written reports to both operational and senior leadership levels
• Ability to work independently, as well as mentoring other team members
• Willingness to learn new tools and processes and proven track record of learning new technologies, methodologies, and skills
• Organizational, time management, customer service and problem-solving skills
• Demonstrated flexibility, initiative, judgment and discretion
Education:
• Bachelor’s degree (or equivalent experience) required
• Certifications such as GIAC (GCIA, GCIH, GSEC, GCFA, GCFE, etc.), CISSP, CEH or related certification(s) desired
Primary Location: USA-Atlanta JV White
Function: Function - Security Governance and Compliance
Schedule: Full time