Our Client is hiring a Senior Incident Response Analyst for a full-time role in Camden, NJ
Senior Incident Response Analyst – Camden, NJ
This individual will be responsible for various parts of the incident response process -- detection, validation, containment, remediation, and communication -- for IT based security events and incidents such as malware infections, potential compromise, Distributed Denial of Service (DDoS), privacy breach etc.
This individual will be responsible for the rapid response and resolution of security incidents globally, including on-site, in the cloud (AWS and MS Azure) and in SaaS applications. This will involve coordinating with internal and external teams, including forensics and Legal, to identify root cause, restore services and communicate status to affected stakeholders. In addition, the individual will be involved in Targeted Threat Hunting, including the continuous development of threat hunting and proactively identifying security incidents before they occur.
This role will act as the escalation path for more junior staff to validate findings and identify scope of events and support during larger investigations. This individual will act as an internal resource while overseeing the work of the Incident Response Analysts and the third party Security Operations Centers staffed by 8 – 10 external employees.
Principal Accountabilities
- Perform Level 2 and Level 3 computer security incident response activities including coordinating with the third party Security Operations Center (MSSP) and third party forensic firms including Verizon Breach Services.
- Monitor security logs in order to identify key events and incidents that require hands-on investigation.
- Analyze and triage anomalies to ensure appropriate identification of risk to the Company and information.
- Oversee the forensic analysis of various incidents.
- High-level, hands-on coordination of information security incidents that require greater technical expertise and executive presence, including escalation to third parties when there is a sense of urgency and escalation is required.
- Communicate and coordinate response efforts including working with I.T., Business Leaders, and Third Parties to mitigate the impact of the risk. Manage the Crisis Management Team and activities on behalf of Director of Incident Management.
- Prepare incident reports of analysis and methodology and results of investigation. Review and sign off on reports prepared by others.
- Assist with Incident Management Strategy Development, Consulting and Management of Third Party Security Operations Center, Threat Intelligence Organizations.
- Actively seek to uncover indicators of compromise for which monitoring capabilities do not yet exist.
- Collect and aggregate information from a wide variety of sources and format it for relevance to our environment.
- Create hypotheses for analytics and testing of threat data.
- Partner with the third party Security Operations Center (MSSP) and threat intelligence firms/organizations including Information Security Sharing forums (ISACs) to identify threats that may impact the Company.
Knowledge, skills and abilities required:
- Leverage lessons learned, threat modelling and emerging industry better practice, to analyze the effectiveness of the existing program (policies, technology and awareness) in order to continuously improve the incident management program.
- Partner with Security Business Analysts, Security Architects to identify security logging and monitoring requirements for new initiatives especially those with privacy implications.
- Review industry frameworks and best practice to advance the Company's controls in network/perimeter security, intrusion detection and response, content monitoring and filtering, vulnerability and patch management, managed threat detection and data loss prevention.
- Partner with vendors and other third parties to improve product design and delivery capabilities.
- Assist with management and review of third party contracts for the security operations center and service levels. Identify potential gaps including procedures needed to mitigate risk.
- High level of technical expertise in information security, including deep familiarity with relevant penetration and intrusion techniques and attack vectors.
- Cybersecurity in large complex companies including knowledge of global security and privacy breach laws and regulatory reporting.
- Proven experience working with third party Security Operations Center (8 – 10 people globally) and forensics firms such as Verizon Data Breach Services.
- Demonstrated ability to lead and develop cohesive and collaborative management and operational teams internally and with a third party.
- Proven experience implementing policies, procedures and technology to detect and recover from a cybersecurity attack.
- Ability to demonstrate strong computer knowledge of networks, desktops, servers, cloud and software as a service technology.
- Expertise with next generation firewalls (Fortinet/Cisco/Check Point), Microsoft Advanced Threat Protection and O365, Zero Day Threat Detection Technology, Threat Intelligence Feeds, STIX and TAXII Standards, EnCase, Data Loss Prevention Software, Web Proxies, Web Application Firewalls.
- Strong problem-solving and trouble-shooting skills.
- Strong communication skills including writing reports and presenting to senior executives.
- Demonstrated connections to external Incident Response leaders and learning organizations.
- Normal corporate office environment, 10-15% travel as required by project assignment need. On-call work is required.
For immediate consideration please submit your resume in Word format, along with daytime contact information. LOCAL CANDIDATES ONLY PLEASE unless you are willing to relocate yourself at your own expense. Client is unable to provide H-1B Visa sponsorship at this time.
All submittals will be treated confidentially. Selected candidate may be asked to pass a comprehensive background, credit and/or drug screening. Principals only, no third parties please.
Established in 2000, Atrilogy Solutions Group, Inc. provides organizations of all sizes with high-quality, cost effective information technology (IT) and business process consulting & staffing services. Our industry-leading service model combines experienced project managers with seasoned technical and functional consultants to eliminate client uncertainty and deliver superior value and results.
Clients turn to Atrilogy for expertise in:
· IT staffing and placement (Project Managers, Agile/Scrum Masters, Business Analysts, DBAs, Software Engineers, Mobile Developers (iOS, Android), DevOps, Automation, QA, Systems & Network Engineers, Cyber Security / Information Security Specialists)
· All major ERP & CRM packages (including Oracle, Workday, PeopleSoft, JD Edwards, Lawson, SAP, Dynamics AX, Salesforce, Microsoft CRM, NetSuite)
· Business Intelligence, Data Warehousing, and Big Data Integration
· Creative (Interactive Project Manager/Art Director, Information Architect, UI/UX Designer, Web/Graphic Design)
Atrilogy has been recognized by Inc. magazine as one of the nation’s fastest-growing, privately-held companies. Headquartered in Irvine, California, Atrilogy also has offices in Denver, Phoenix, Atlanta, and Dallas with satellite offices in Boston, Jersey City, Las Vegas, Seattle, and Delhi, India.
Atrilogy Solutions Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.