Incident Response Security Analyst

Serve as a first-tier responder for security incidents, including any unusual activity detected or suspected,

in accordance with established incident handling procedures. Provide written incident reports

to designated officials and cooperate with law enforcement as required. Take appropriate steps to validate

suspected incidents and assess recommended countermeasures.

Required Skills:

• Experience configuring and administering anti-virus, IDS, penetration testing, or patch management
• tools.
• Knowledge of security incident response and continuous diagnostic tools such as Tenable/Nessus,
• Splunk, ForeScout, RES, DB Protect, and CheckPoint.
• Strong research, problem solving, and analytical skills. Basic programming skills to develop XML or
• SQL-based queries to generate audit trail.
• Knowledge of government compliance standards (NIST, DISA STIG, CIS Benchmark).

Job Duties:

• Provide incident handling support by analyzing network traffic and various log data to determine
• the threat/impact against the network, recommending appropriate countermeasures, facilitating
• the tracking, handling, and reporting of all security events and computer incidents.
• Remediate and apply lessons learned to security incident investigation and resolution.
• Perform monitoring, identification and resolution of security events to detect threats through analysis,
• investigations and prioritization of events based on risk/exposure.
• Perform Security Incident Event Management aligned with NIST standards.

Assist with the design, development, implementation, and maintenance of security tools, dashboards, cybersecurity, and risk management.