CIR Tier II Analyst
Hines, IL
Work location
Hines, Illinois
Telework options: Not at this time
Shift schedule
Shift   Shift Days   Shift Time
2nd     Sun-Thurs    1430-2300
2nd     Tue-Sat      1430-2300
Responsibilities
· Perform real-time monitoring and triage of security alerts in cybersecurity toolsets, including SIEM and EDR
· Make accurate determinations of which alerts are false positives and which require further investigation and prioritization
· Lead and actively participate in the investigation, analysis, and resolution of cybersecurity incidents. Analyze attack patterns, determine the root cause, and recommend appropriate remediation measures to prevent future occurrences
· Ensure accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned. Collaborate with knowledge management teams to maintain up-to-date incident response playbooks
· Collaborate effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators. Clearly communicate technical information and incident-related updates to management and stakeholders
· Identify and act on opportunities for tuning alerts to make the incident response team more efficient
· Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy
· Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions
· Support the mentoring and training of more junior IR staff
· Stay informed about the latest cybersecurity threats, trends, and best practices. Actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities
Requirements
· Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent work experience)
· 3+ years of experience supporting incident response in an enterprise-level Security Operations Center (SOC)
· A deep understanding of cybersecurity principles and incident response methodologies, and a proactive mindset to ensure our SOC operates effectively in a high-pressure environment
· Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools
· Experience with enterprise ticketing systems such as ServiceNow
· Excellent analytical and problem-solving skills
· Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight
· Ability to learn and function in multiple capacities and to learn quickly
· Strong verbal and written communication skills
Must currently have or be willing to obtain one of the following certifications (or equivalent)
· GIAC Certified Incident Handler (GCIH)
· EC-Council's Certified Incident Handler (E|CIH)
· Incident Handling & Response Professional (IHRP)
· Certified Computer Security Incident Handler (CSIH)
· Certified Incident Handling Engineer (CIHE)
· EC-Council's Certified Ethical Hacker
About PingWind
PingWind is focused on delivering outstanding services to the federal government. We have extensive experience in the fields of cybersecurity, development, IT infrastructure, supply chain management and other professional services such as system design and continuous improvement. PingWind is an SBA certified Service-Disabled Veteran-Owned Small Business (SDVOSB) with offices in Northern Virginia and Huntsville AL. www.PingWind.com
Our benefits include:
· Paid Federal Holidays
· Robust Health & Dental Insurance Options
· 401k with matching
· Paid vacation and sick leave
· Continuing education assistance
· Short Term / Long Term Disability & Life Insurance
· Employee Assistance Program through Sun Life Financial EAP Guidance Resources
Veterans are encouraged to apply
PingWind, Inc. does not discriminate in employment opportunities, terms, and conditions of employment, or practices on the basis of race, age, gender, religious or political beliefs, national origin or heritage, disability, sexual orientation, or any characteristic protected by law.