Unfortunately, this position is no longer available.

Lead Incident Response Analyst

5-6 years | Full-time | 18/03/2021

Job description

This role will sit within the Security Operations group, which protects and defends. The Lead Incident Response Analyst will work in both a team environment and independently to analyze information security systems and threat intelligence in order to detect and respond to potential threats and recommend mitigation strategies.
What You'll Do
- Function as the focal technical lead on incident events, providing technical, hands-on investigation and support
- Lead the investigative process for network intrusions, products, and other cybersecurity incidents to determine the cause and extent of the attacks
- Handle the chain of custody for all evidence collected during incident, security, and forensic investigations
- Summarize events and incidents effectively to different constituencies, such as legal counsel, executive management, and technical staff, both in written and verbal form
- Perform sophisticated malware detection and threat analysis
- Prioritize and differentiate between potential incidents and false alarms
- Continuously review SIEM dashboards, system and application logs, Intrusion Detection Systems (IDS), and custom monitoring tools
- Perform QA, and lead and train Tier 1 incident responders to investigate and resolve security incidents while encouraging teamwork and growth
- Provide technical input into and analysis of strategic and tactical planning to ensure accurate and timely service deployments
- Stay up to date with current vulnerabilities, attacks, and countermeasures to effectively handle the responsibilities of this role
Job number 102288

Job requirements

- Bachelor's degree in computer science, information security or a similar major, or demonstrable experience in a related field
- Deep understanding of security incident handling and forensics, including probing and attack methods, network/service discovery, system assessment, viruses, and other forms of malware
- Experience mitigating and addressing threat vectors including Advanced Persistent Threats (APT), Distributed Denial of Service (DDoS), phishing, malicious payloads, malware, applications, etc.
- Experience with information security technologies such as, but not limited to, SIEM, IPS/IDS, vulnerability management software, user behavior monitoring, unstructured data monitoring tools, or internet content filters
- Solid grasp of network technologies including TCP/IP, IDS/IPS, firewalls, LAN/WAN, routing and switching
- Solid application/business/systems security analyst experience
- Strong analytical skills and attention to detail, as well as excellent communication skills
What Else
- Any of the following professional certifications: CISSP - Certified Information Systems Security Professional, CEH - Certified Ethical Hacker, CompTIA Security+, SANS GIAC, and Microsoft, Linux, networking or related certifications
- Knowledge of offensive security techniques and familiarity with scripting languages and data analysis tools
- Experience working in a global company
- Knowledge of common security assessment frameworks such as MITRE AT