Tier 2 Cyber Incident Response Team (CIRT) Shift Lead
Tasks
- Analyze network traffic for anomalous activity
- Conduct forensic analysis of host artifacts, network traffic, and email content
- Coordinate incident information reporting to CISA
- Coordinate remediation actions with watch officers and leadership
- Create tickets and initiate workflows from SOPs
- Detect, classify, process, track, and report cyber security incidents
- Monitor and respond using SOAR hotline and email
- Perform in-depth log analysis for suspicious activity
- Perform malware analysis and generate IOCs
- Provide technical and procedural improvement recommendations
- Review tier 2 shift tickets for accuracy and completeness
Perks/Benefits
- N/A
Skills/Tech-stack
APT | Advanced persistent threat | Automation Response | Bash | Cloud Security | Cloud security monitoring | Cyber Threat | Cyber Threat Intelligence | D3FEND | Defender for Endpoint | Defender for Identity | Detection and Response | Digital forensics | EDR | Endpoint Detection and Response | Endpoint detection | Forensics | Incident Response | Indicator of Compromise | IoC | Log Analysis | Malware analysis | Microsoft Azure | Microsoft Defender | Microsoft Defender for Endpoint | Microsoft Defender for Identity | Microsoft Sentinel | MITRE ATT&CK | Network Traffic | Network Traffic Analysis | PowerShell | Python | SIEM | SOAR | Security Orchestration | Security Orchestration Automation | Security Orchestration Automation Response | Security monitoring | ServiceNow | Splunk | TTP | Threat Intelligence | Threat hunting | Traffic analysis
Education