Senior Cyber Incident Response Team Analyst - Remote
Company: Center for Internet Security, Inc.
Location: East Greenbush
Posted on: September 23, 2024
Job Description:
Senior Cyber Incident Response Team Analyst - Remote
Job Locations: US
ID: 2024-2050
Category: Operations and Security Services
Type: Regular Full-Time
Remote?: Yes
Overview
Reporting to the Cyber Incident Response Team (CIRT) Manager, the
Senior CIRT Analyst will work as a member of the Multi-State
Information Sharing and Analysis Center (MS-ISAC) and Elections
Infrastructure Information Sharing and Analysis Center (EI-ISAC)
CIRT to help respond to cyber incidents impacting State, Local,
Tribal, and Territorial (SLTT) governments. This position involves
critical duties and responsibilities that must continue to be
performed during crisis situations and contingency operations,
which may necessitate extended hours of work.

The Center for Internet Security (CIS) makes the connected world a
safer place for people, businesses, and governments through our core
competencies of collaboration and innovation. We are a
community-driven nonprofit responsible for industry-leading best
practices for securing IT systems and data. We lead a global
community of IT professionals to continuously evolve these standards
and provide products and services to proactively safeguard against
emerging threats.

Salary Range: $124,800 - $218,400

We offer a competitive total rewards package at the Center for
Internet Security:
- Base salary is determined on a number
of factors including, but not limited to, education, experience and
skills
- Health (PPO, EPO, HSA), Dental & Vision Insurance eligibility
starting from the first day of hire
- $500 wellness card for Health Coverage Participants
- 401(k) with 4% Company Match, vested from the first day of
hire
- Flexible Spending Account (FSA) & Dependent Care Account
(DCA)
- Life Insurance
- Bonding Leave
- Paid Volunteering Program
- Bonus eligibility
- Paid Time Off (PTO) inclusive of vacation, personal and sick
time
- Paid Holidays
- Wellness Program
- Employee Engagement Activities
- Professional Development Opportunities
- Tuition Reimbursement
- Student Loan PayDown Program
- Employee Referral program
- Employee Assistance Program
What You'll Do
- Provide Incident Response, Computer Forensics, and Malware
Analysis services to SLTT governments, as well as internal teams at
CIS
- Perform forensic analysis in response to cyber-attacks and
computer security breaches on compromised SLTT systems and networks
with diverse architecture, operating systems, and size, to identify
the extent and nature of the compromise and provide recommendations
on containment, eradication, and remediation steps
- Conduct incident response calls with SLTT governments, as well
as third party vendors, external incident response teams, and/or
cyber insurance companies
- Provide detailed technical reports to document the findings
that result from both forensic analysis and incident response cases
for internal and external organizations
- Guide partners through the incident response process and
technical investigations, utilizing excellent verbal communication
skills effective for coaching and supporting victims in response to
crisis, specifically cyber attacks
- Provide consultation to third party SLTT government
organizations with diverse technical backgrounds and skill sets,
including review and analysis of external networks, typically
unknown to CIRT
- Identify indicators of compromise (IOCs) from SLTT networks to
support community network defense
- Perform consultation services in conjunction with incident
response planning and best practices, delivered in presentations,
webinars, blogs, and podcasts
- Support and respond to any security-related questions or
incidents reported from MS-ISAC/EI-ISAC members
- Analyze previously undisclosed software and hardware
vulnerabilities
- Collaborate across internal CIS functions and other MS-ISAC and
EI-ISAC teams to provide excellent cybersecurity services
- Assist with improvements to policies, procedures, technologies,
tools, techniques, and operational efficiencies
- Responsible for complex tasks, assignments, and projects,
including but not limited to, the training and development of new
computer forensic analysts
- Perform tasks independently with some oversight
- Other tasks and responsibilities as assigned
What You'll Need
- Bachelor's degree in Digital Forensics, Cybersecurity, Computer
Science, or a related field*
- 3+ years' experience in Security, Network Administration, or
equivalent knowledge
- Knowledge of incident response procedures, processes, and
techniques
- Experience with various operating systems, such as Windows,
Linux, and macOS
- Thorough knowledge of networking and Windows fundamentals,
specific to that of protocols, internal tools, server
infrastructure, monitoring software, etc.
- Comprehension of system and application security threats and
vulnerabilities
- Knowledge of various host and network-based security
controls
- The position is open to U.S. Citizens and requires a favorably
adjudicated DHS Fitness Review for Public Trust Positions**

It's a Plus if You Have:
- 3+ years' experience with Incident Response, Forensics, and/or
Malware Analysis
- Experience with scripting or markup languages such as Python,
Windows PowerShell or Go
- Experience delivering technical presentations and reports and
ability to articulate technical processes and information to a
non-technical audience
- Familiarity with interpreting, querying, and accessing various
log types (e.g., Windows Event, Web server, Firewall logs,
etc.)
- Working knowledge of forensic methodologies and related tools
such as Magnet AXIOM, Cyber Triage, SANS SIFT, and Kroll's KAPE.
Additionally, familiarity with open-source tooling such as the Eric
Zimmerman toolset, etc.
- Certifications in related areas (e.g., GCIH, GCFA, GCFE, ECIH,
CYSA+, CCFE, CFCE, etc.)
- Experience in conducting threat hunting in a SIEM and/or EDR
suite, and/or manual network investigations
- Knowledge of adversarial tactics, techniques, and procedures
with an understanding of mapping these to the MITRE framework
- Demonstrated history of service to the community, either in a
volunteer or professional capacity

*Additional years of relevant experience or a combination of an
Associate's degree or equivalent and relevant experience may be
substituted for the Bachelor's degree.

**Factors that may cause a negative Fitness Review decision
include:
- Criminal Conduct
- Dishonest Conduct
- Employment Misconduct
- Alcohol Abuse
- Drug Use (illegal drug use or use of a legal drug in a manner
that deviates from approved medical direction)
- False Statements
- Have not resided in the US for three (3) of the past five (5)
years

At CIS, we are committed to providing an inclusive environment
in which the diverse backgrounds, experiences, and views of our
employees, members, and customers are valued and respected. It is
through this commitment that we are able to work together towards
our common mission: to make the connected world a safer place.
Keywords: Center for Internet Security, Inc., Troy , Senior Cyber Incident Response Team Analyst - Remote, Professions , East Greenbush, New York