Incident Response Analyst Job Salisbury area,North Carolina USA,IT/Tech

Incident Response Analyst

Salisbury, NC (Remote) 90% Remote: must be within driving distance of Salisbury, NC in case they need to come in (~1x month)

6 months Contract to Hire

Top 3 requirements:

5+ years of incident response experience

MS Security Tools Suite Experience (Defender)

SIEM

Principle Duties and Responsibilities:

Advance and maintain incident response plan.
Lead incident response events and activities.
Subject matter expert responsible for managing threats, disseminating information, and handling, responding to, and investigating all incident escalations from the Tier 1 and 2 analysts.
Point of escalation for Tier 1 & 2. Management of the incident response process if previous IR tiers could not resolve the ticket.
Perform event investigation, post incident root cause analysis, remediation planning, capture metrics, compile and track lessons learned, document and disseminate incident report in coordination with the IR process.
Evaluate and recommend emerging technologies within information security.
Work independently with 3rd party providers, vendors, and other departments.
Provide 24x7 operational support for escalations on a rotating basis.

Basic Qualifications:

Bachelor's degree in Information Security or related field or equivalent work experience.
5+ year's experience in information security including incident response.
Excellent organization, communication, collaboration, and interpersonal skills.
Ability to communicate and present complex issues and ideas with precision and clarity, adjusting appropriately for the audience; ability to communicate effectively at all levels of the organization.
Experience working within a large, complex corporate environment providing consulting services on large initiatives.
Experience managing and prioritizing multiple tasks in an effective manner.
Knowledge and understanding of network and security fundamentals, protocols, and technologies.
Strong understanding of mitigating security controls (i.e., anti-virus, IPS/IDS, email filtering, web site blocking, patching) and how they work in an overall defense in depth risk assessment methodology.
Understanding of Technology Platforms (Windows, Open Source, Middleware Applications, Database Applications, Cisco, Microsoft security suite)
Understanding of incident handling.
Experience developing and providing effective and professional presentations to all levels (including Senior Management).
In-depth knowledge of security protocols and principles.
Ability to work in a dynamic and diverse team-oriented environment.

Preferred Qualifications:

Industry-recognized security, network, or other professional certifications sponsored by organizations such as SANS, ISC2, Microsoft, Cisco, and Offensive Security.
Working knowledge MITRE ATT&CK Framework, CIS Controls, and OWASP.
Experience managing projects, vendor management, and leading staff.
Experience in conducting training and mentoring.
Strong subject matter expertise in incidence response.
Strong understanding of Information Security industry standards/best practices such as NIST.
Strong understanding of Information Security related laws and regulations including HIPAA and PCI.
Experience with engineering and/or architecture of technologies such as network firewalls, intrusion detection sensors, antimalware technologies, vulnerability scanning technologies, and APT prevention technologies.
Experience developing and maintaining operational metrics.
Knowledge of cloud computing technology (e.g. Azure, Google Cloud, AWS, etc.)


Increase/decrease your Search Radius (miles)



Job Posting Language