Incident Response Analyst II

Key Responsibilities: 

• Act as the first layer of defense in our security operations, focusing on quick detection, incident response, and thorough investigation of alerts.

• Facility alerts/Incidents to include

  • High humidity, High Temp, Power Failure/Fluctuations (Facility-Wide)

• Infrastructure alerts/alarms to include 

  • Intrusion Detection Systems (IDS) or Access Control Alerts, Server Performance or System Failure Alerts and Network Connectivity Failure

• Oversee the investigation and resolution of complex incidents, providing expert technical guidance to team members.

• Ensure prompt escalation and resolution of high-priority incidents, minimizing operational impact and downtime.

• Lead root cause analysis (RCA) for critical incidents, ensuring actionable insights are documented and shared with stakeholders.

• Act as the primary escalation point for customers, providing clear and timely updates on incident progress and resolution.

• Produce detailed and accurate incident reports, including root cause analyses and post-incident reviews.

• Generate weekly and monthly operational performance reports, analyzing trends and identifying opportunities for improvement.

• Monitor and track key performance indicators (KPIs) for the team, ensuring alignment with organizational objectives.

• Communicate operational performance and incident trends effectively to team managers and leadership.

• Ensure the smooth functioning of day-to-day operations by monitoring workflows, addressing operational bottlenecks, and implementing best practices.

• Drive operational improvements by identifying gaps in existing processes and developing solutions to enhance efficiency and effectiveness.

• Develop and maintain comprehensive Standard Operating Procedures (SOPs) and Methods of Procedure (MOPs) to ensure consistency in handling recurring and new issues.

• Lead and mentor a team of Incident Response Analysts, fostering a culture of accountability, collaboration, and continuous improvement.

• Provide coaching and technical guidance to team members, ensuring they are equipped to handle complex incidents.

• Manage team rostering to provide 8/7 operational coverage and consistent service delivery.

• Manage team schedules, ensuring adequate coverage during peak times and for critical incidents.

• Identify areas for improvement in incident response processes and workflows, implementing best practices to enhance efficiency.

• Ensure compliance with company standards and organizational policies in all incident response activities.

• Collaborate with cross-functional teams to address systemic issues and improve overall service quality.

Basic Qualifications:

• Minimum of 5 years' experience in a command center, service center, or similar 24x7 operations center environment.

• Proficient in triaging multiple incidents, with the ability to prioritize based on risk and confidence levels.

• High proficiency in IT applications, with fast and accurate keyboard skills (minimum 25wpm).

• Basic understanding of technical elements related to security systems, including IP networks, servers, LAN/WAN.

• Excellent verbal and written communication skills, with the ability to work independently, meet goals, and maintain attention to detail.

• Demonstrated ability to interact effectively at all levels within the organization, including with clients, while being a collaborative team player.

• Basic knowledge of data protection policies, such as GDPR, and the importance of securing sensitive information

Preferred Qualifications:

• Ability to work well under pressure, within time and budget constraints, to solve problems and complete security deliverables.

• Experience with security systems such as Lenel, Avigilon, SOAR, SAOS, Grafana, and familiarity with Genetec, AMAG, Software House, Hirsch, S2, and other ACS, VMS, IDS, and CCTV systems is highly desirable.

• Relevant working knowledge or certifications in the aforementioned systems will be considered a plus.