Analyzes and records cybersecurity incident issues by documenting all actions taken during incident triage and remediation; submitting findings and collected data to senior Incident Response team members and team leadership; and refraining from disclosing sensitive data or incident details to individuals outside of the appropriate teams and communications plan.
Supports incident response solutions by assisting team members in gathering requirements to support implementations; evaluating supplier products and services; researching information about new technologies; reviewing and compiling system documentation; participating in solution reviews; and implementing improvements to products, alerts, and monitors.
Supports incident response efforts by adhering to defined operating procedures associated with the identification, containment, eradication, and recovery of impacted resources (for example, laptops, desktops, mobile phones), as well as the procedures outlining digital and physical data handling; collaborating with interorganizational and intraorganizational cybersecurity personnel; reporting on incident response actions, including through written and oral presentations; collecting and providing feedback on proofs of concept during product and service evaluations; participating in team on-call pager rotation; and serving as an escalation point for cybersecurity incidents. Builds understanding of security threats by assisting with the analysis of malicious software and providing samples to security product vendors to ensure coverage and detection exist across multiple layers of technology.
Demonstrates up-to-date expertise and applies this to the development, execution, and improvement of action plans by providing expert advice and guidance to others in the application of information and best practices; supporting and aligning efforts to meet customer and business needs; and building commitment for perspectives and rationales.
Provides and supports the implementation of business solutions by building relationships and partnerships with key stakeholders; identifying business needs; determining and carrying out necessary processes and practices; monitoring progress and results; recognizing and capitalizing on improvement opportunities; and adapting to competing demands, organizational changes, and new responsibilities.
Models compliance with company policies and procedures and supports company mission, values, and standards of ethics and integrity by incorporating these into the development and implementation of business plans; using the Open Door Policy; and demonstrating and assisting others with how to apply these in executing business processes and practices.
Outlined below are the required minimum qualifications for this position. If none are listed, there are no minimum qualifications. Bachelor’s degree in Computer Science, Information Technology, Engineering, Computer Information Systems, or related field and 3 years' experience in information technology or related field within the last 7 years OR 5 years' experience in information technology or related field within the last 7 years.
Outlined below are the optional preferred qualifications for this position. If none are listed, there are no preferred qualifications. Certification in computer incident response tools and processes (for example, GIAC Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIAs)); Firewall rules and filtering, intrusion detection and/or prevention devices, or penetration testing for networks and standalone devices; Information Security Technology disciplines (for example, data assurance, eDiscovery, SIEM); Installation, repair, and troubleshooting of computer hardware for desktop computers, laptops, servers, and networks; Network infrastructure and/or architecture security; Physical and/or digital information and/or incident handling consistent with National Institute of Standards and Technology (NIST) standards; Programming languages (for example, C/C++, Python, Perl, HTTP, PowerShell); System intrusion investigations; CISSP - Certified Information Systems Security Professional - Certification