SANS ISC: InfoSec Jobs

Cyber Incident Response Analyst
Company QVC
Location West Chester, PA
Preferred GIAC Certifications GCIH GCIA GCFA
Travel 10%
Salary Not provided
Contact Name Rick Schroeder
Contact Email rschroeder6687/at/
Expires 2020-12-29

Job Description

This position will be remote while COVID restrictions are in place. After that the analyst will need to be onsite in West Chester, PA four days a week and work from home one day a week.

Incident Responders are responsible for handling the more complex incidents that are escalated from the Monitoring Analysts. The Incident Responder also conducts investigations into related incidents, gathers threat intelligence, and spearheads proactive defense measures. Responders will engage Advanced Analytics for forensic and malware analysis requests.

Review and analyze incidents escalated from Monitoring Analyst Team
Validate risk and priority scoring of incidents from the Monitoring Analyst Team
Perform investigation and analytics of network and host-based payloads and artifacts in relation to the incident
Correlate additional context from Threat Intelligence team for incident during investigation and analysis
Create recommendations and requirements for content detection and response
What You Bring

Bachelor’s degree AND at least 2 years of experience in security specific profession OR a high school diploma (or equivalent) AND 5 years of experience in a security specific profession
One or more qualified certifications preferred including: GCIA, GCIH, GCFA
Strong understanding of TCP/IP protocols and a variety of IT systems, applications, and their operational configurations
Strong understanding of incident phases and attack vectors
Strong abilities to communicate through oral and written methods to internal and external stakeholders
Ability to find, analyze, interpret, and extract attack related payload from packet captures and host forensic images using tools
Ability to follow through on all phases of the incident response and identify attacks, determine initial vectors, and complete scope of incidents
Experience with basic forensics tools, open source forensic tools and web history tools
Must be willing to travel as required to respond to an incident (less than 10% travel)
Must be available to work on-call or off hours as needed to respond to an incident