TEKsystems

Incident Response Analyst Job at TEKsystems in Winston-Salem

TEKsystems, Winston-Salem, NC, US


Job Description

3268756

** U.S. Citizen and GC Holder **

Top Three Skills:

1. 3+ years of experience in Incident Response and/or proven experience with security frameworks such as NIST, Cyber Kill Chain, and MITRE ATT&CK™ framework-type solutions.
2. Proven knowledge of network security tools/solutions such as SIEM, endpoint agents, web security, email security, and Intrusion Prevention Systems.
3. Proven experience effectively communicating investigative findings to stakeholders.

Job Description:

The Incident Response (IR) Analyst is responsible for identifying and responding to cyber security incidents. The IR analyst receives the incident from the SOC analyst, then troubleshoots and triages the issue. They then take the Indicators of Compromise (IOCs) and plug them into the SIEM to ensure the incident does not happen again or to provide better notification. Coordinate with the SOC to identify alerts, and collaborate with engineers to maintain visibility and correction and to contribute to prevention.
Conduct forensic artifact handling and analysis, and TTP analysis: tactics, techniques and procedures (TTPs) get at how threat agents (the bad guys) orchestrate and manage attacks. Automate malware analysis. Provide insider threat support.

This person will demonstrate intelligence-driven incident response by analyzing all the available data and contributing intelligence to members of the security team to improve network defense. Work with the team to understand security policies and how they can be supported by existing tools for monitoring, alerting and identification of strange instances. Perform administrative tasks for core security functions such as firewall, VPN, malware detection, intrusion detection and prevention, identity management, SIEM, etc. Create reports and monitor activities on security tools. Deliver recurring scans of systems and scan findings, and feed them into the remediation tool. Respond to audits.