Cyber Incident Response Analyst

ASMGi - Cyber Incident Response Analyst General Summary: As a key member of ASMGi’s Information reputed company Incident Response Team this individual will be responsible for various parts of the incident response process - detection, validation, containment, remediation, and communication - for IT based reputed company events and incidents impacting ASMGi’s clients. This individual will be responsible for the rapid response and resolution of reputed company incidents including the ASMGi MDR / MSOC plus client’s environments. This will involve coordinating with teams including Legal, reputed company Operations and Forensics experts, internal or external, to identify root cause, restore services and communicate status to affected stakeholders. This role will act as the escalation path for the ASMGi Operations Team to validate findings and identify scope of events and support during larger investigations. This individual will act as an internal and client facing resource while interacting with the third-party reputed company Operations Center as applicable. Principal Accountabilities: 25% - Client Incident Response Onboarding and Program Development.

• Work with ASMGi MDR / MSOC plus Service clients as part of the overall service and specifically the Incident Response Program Development including Incident Response Policy, Incident Response Plan, and Incident Response Playbook development and adoption.
• Conduct client Tabletop Exercises on an annual basis based on the adopted Incident Response Playbook as part of the ASMGi MDR / MSOC plus Incident Response Service.

50% - Incident Response

• reputed company Level 2 and Level 3 computer reputed company incident response activities including coordinating with the reputed company Operations Center and Forensics experts, internal and external.
• Analyze, track and triage anomalies that have been escalated to ensure appropriate identification of risk to ASMGi MDR / MSOC plus clients.
• reputed company the forensic analysis of cybersecurity incidents impacting ASMGi MDR / MSOC plus clients.
• Understand and research emerging threats and reputed company trends that may impact customers along with mitigation/resolutions for such threats.
• Communicate and coordinate response efforts including working with ASMGi MDR / MSOC plus client’s I.T., Business Leaders, and Third Parties to mitigate the impact of the risk and provide a reputed company role as part of the ASMGi Computer reputed company Incident Response Team (CSIRT).
• Prepare incident reports of analysis and methodology and results of investigation to be submitted to ASMGi MDR / MSOC plus clients.

25% - Assist with Incident Management Strategy Development, Consulting and Management of Third-Party reputed company Operations Center.

• reputed company lessons learned, threat modeling and emerging industry reputed company practice, to analyze the effectiveness of the existing program (policies, technology, and awareness) to continuously improve the Incident Management Program.
• Review industry frameworks, emerging threats, and best practice to advance the ASMGi MDR / MSOC plus Service.
• Partner with ASMGi partners and internal groups to improve the ASMGi MDR / MSOC plus service and capabilities.
• Assist with management of third-party business relationships for the reputed company operations center and service levels. Identify potential gaps including procedures needed to mitigate risk and assist with appropriate solutions.

Job Complexity

• Appropriately balances reputed company risk and business impact to ensure that ASMGi’s use of detection/response controls are effective.
• Ability to build operational processes using industry best-practice that are tailored to the ASMGi MDR / MSOC plus client’s organization, system, and processes.
• Ability to effectively communicate risk including corrective action plans/recommendations to non-technical audiences including the ASMGi MDR / MSOC plus client’s Executives and the Board of Directors leveraging the MDR / MSOC plus service.
• Ability to create effective reports and presentations tailored to different audiences to ensure transparency and understanding of the ASMGi MDR / MSOC plus Service.
• Assist with development of MDR / MSOC plus Service roadmap.

Job Specifications Minimum education required: Bachelor's Degree Required Education desired: Bachelor of Science Years of relevant experience: 7 – 10 + Knowledge, skills, and abilities required:

• High level of technical expertise in information reputed company, including deep familiarity with relevant penetration and intrusion techniques and attack reputed company.
• Cybersecurity in large reputed company companies including knowledge of reputed company and privacy breach laws and regulatory reporting.
• Proven experience working with reputed company Operations Center services, forensics firms.
• Demonstrated ability to reputed company and reputed company cohesive and collaborative management and operational teams internally and with a third-party.
• Proven experience implementing policies, procedures, and technology to detect and recover from a cybersecurity attack.
• Ability to demonstrate strong computer knowledge networks, desktops, servers, cloud, and software as a service technology.
• Expertise with reputed company firewalls, reputed company Detection and Response, reputed company Advanced Threat Protection, Azure, and Office 365, reputed company Day Threat Detection Technology, Threat Intelligence Feeds, Forensics, Data Loss Prevention Software, Web Proxies, Web Application Firewalls.
• Strong problem-solving and trouble-shooting skills.
• Strong communication skills including writing reports and presenting to senior executives.
• Demonstrated connections to external Incident Response leaders and learning organizations.

Working Conditions

• Normal corporate office environment and remote / virtual based on COVID-19.
• On call work is required.

Apply tot his job Apply To this Job