Cybersecurity Analyst - Incident Response Lead
Tasks
- Align incidents with compliance requirements
- Analyze EDR alerts
- Analyze EPP alerts
- Analyze SIEM alerts
- Automate incident response workflows
- Communicate incident status to stakeholders
- Conduct incident response exercises and tabletop scenarios
- Conduct root cause analysis
- Conduct threat hunting
- Coordinate incident response with IT and engineering
- Correlate logs across data sources
- Develop and maintain incident response playbooks
- Develop detection use cases
- Document incidents for compliance
- Implement incident response process improvements
- Implement tooling improvements
- Integrate threat intelligence
- Lead end-to-end incident response
- Perform host-based forensic analysis
- Perform log-based forensic analysis
- Perform network-based forensic analysis
- Preserve evidence for legal compliance
- Produce forensic reports
- Refine detection logic
- Support CMMC assessment activities
- Track incident response metrics
Perks/Benefits
- N/A
Skills/Tech-stack
Detection and Response | Detection engineering | Digital forensics | EDR | Endpoint Detection and Response | Endpoint detection | Event Correlation | Forensic analysis | Incident Management | Incident Response | Log Analysis | Microsoft Sentinel | NIST SP | NIST SP 800 | NIST SP 800-61 | SIEM | Security Incident Management | Security incident | Splunk | Threat Intelligence | Threat hunting
Education
Bachelor of Engineering | Bachelor of Science | Master of Science
Roles
Analyst | Cybersecurity Analyst | Incident Response Lead | Lead