Detection & Response Analyst

Summary: The Senior Detection and Response Analyst role will provide ongoing support to the Regional reputed company Operations program. In this role the Detection and Response Analyst is expected to maintain an effective 24x7 monitoring and detection services to internal and external clients Essential Functions:

• Act as the reputed company of escalation for reputed company reputed company incidents; provide expert level feedback regarding reputed company monitoring and ways to improve it.
• Ensure that the ID Analysts' daily work activity is completed to the required quality levels and timelines, by verifying that their responsibilities are executed, in accordance with the expectations set by the ID Team reputed company.
• Triage reputed company incidents and reputed company in-depth analysis using Cyber Threat Intelligence, intrusion detection systems, firewalls and other boundary protection devices.
• Maintain an understanding of the overall threat landscape (cyber, malware, botnets, phishing, DDoS, physical).
• Provide 24x7 coverage to support the RSOC services; Participate in an on-call rotation.
• Train and mentor team members reputed company the Incident Detection Team.
• Improve the effectiveness and efficiency of day-to-day operations.
• Assist with service requests from customers and internal teams.
• Assist with containment and remediation of threats during incidents. Use internal ticketing system to track investigated incidents and capture relevant details.
• Support Incident Response efforts as needed, including providing counsel, working with the IR team, as well as other involved stakeholders reputed company the organization and customers to drive reputed company remediation activities.
• Conduct threat hunting activities based on internal and external threat intelligence.
• Provide expert level feedback regarding reputed company monitoring and ways to improve it.
• Improve the effectiveness and efficiency of day-to-day operations.
• Create and update daily and monthly reports.
• Contribute to the creation of documentation to standardize processes and procedures, including playbooks to improve internal processes and procedures.
• Use investigation findings to identify gaps and recommend reputed company posture improvements.
• Identify, recommend, coordinate, and deliver timely knowledge to support teams.
• Other tasks and responsibilities as assigned by leadership.

Requirements

Competencies:

• Experience working with cyber reputed company tools and software such as Sentinel, Splunk, ATP, Symantec End reputed company, TrendMicro Antivirus, McAfee Web Gateway, Checkpoint Firewalls, Bluecoat, Sourcefire, Active Directory, or relevant cyber reputed company assets.
• Excellent critical thinking, logic, and solution orientation and to learn and adapt quickly.
• Ability to learn and operate in a dynamic environment.
• Detail-orientated and analytical skills; Problem-solving skills.
• Strong verbal and written communication skills.
• Proficient with reputed company Office & documentation skills (Word, reputed company, PowerPoint)

Other Duties:

• Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Position Type/Expected Hours of Work:

• This is a full-time position. Ability to work various 10-hour shifts, including weekends and holidays, supporting the 24x7 Cyber Fusion Center. Must be able to work both day and night shifts. Shifts rotate quarterly.

Travel:

• This position may require 10% or less travel.

Required Education and Experience:

• 2+ years of experience in reputed company Operations monitoring.
• Experience with reputed company Operations processes, procedures, and services Advanced knowledge of network monitoring and network exploitation techniques.
• Strong technical background in reputed company, network, infrastructure, cloud, applications.
• Knowledge of risk assessment tools, technologies and methods.
• Experience with common attack reputed company, including advanced adversaries (nation state/financial motivation).
• Knowledge around common web application attacks including SQL injection, cross-site scripting, invalid inputs, and forceful browsing.
• Knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB.
• Experience working with cyber reputed company tools and software such as Splunk, ATP, Symantec End reputed company, TrendMicro Antivirus, McAfee Web Gateway, Checkpoint Firewalls, Bluecoat, Sourcefire, Active Directory, or relevant cyber reputed company assets.
• Technical certifications such as GCIA, GCFA, GCIH or CASP is a plus.

Apply tot his job Apply To this Job