Incidents. Cyber Security Response Team Analyst
1 Parkway South Greenville, SC 29615 US | Work from home flexibility TELECOMMUTE US
Our client is actively seeking a talented Incidents. Cyber Security Response Team Analyst. This position is open to remote candidates. This is a 6-month contract opportunity with the possibility of extension or of going permanent with our client.
Our client is looking for a highly technical performer with a passion for cybersecurity, impeccable attention to detail, and excellent analytical and problem-solving skills.
- Prevent: Follow developments in security that could affect our client (internal or external).
- Gather technical information from the Internet and obtain malware samples
- Keep up to date with cyber threats and security technologies
- Understand, test, and contextualize the risks.
- Evaluate risks for our client
- Inform Technical Stakeholders
- Share information with Group.
- Detect: Be the single point of contact for alerts from the field (sites)
- Be available 24/7 to analyze alerts, assign a severity level, and advise.
- Provide on-call incident support per the established schedule. You might be required to share on-call duties and perform work on weekends and overnight to respond to high-priority security incidents
- React: manage security incidents (Business As Usual mode)
- Support incoming incident tickets and handle them with respect for privacy and data confidentiality
- Coordinate actions between the team and local business teams (industry, logistics, business, subsidiaries…)
- Review and analyze data from a variety of cyber-defense tools, including network traffic logs, Intrusion Detection or Prevention System alerts, firewall or system logs, and open-source information to identify threat activity and recommend appropriate countermeasures and mitigations
- React: detect abnormal situations and start a cyber crisis
- React: provide security expertise during a cyber crisis (impact / technical / survey / test malware on a lab / activate emergency procedures)
- Share information with Group at the beginning and end of each day/team.
- Participate in and facilitate local security awareness/training sessions
- Perform security incident response to protect corporate IT assets and data, including intellectual property, and company reputation. This includes ability to manage and triage several security incidents, perform analysis, and perform initial investigations.
- Process cyber-threat intelligence and quickly identify impacts to the enterprise
- Ability to coach junior analysts in incident management and new procedures
- Ability to acquire new procedures and best practices for security incident management.
- Have an understanding of SIEM tools as they relate to searching for and extracting relevant information for incident investigations.
- Ability to independently review and analyze data from a variety of Cyber defense tools, including network traffic logs, Intrusion Detection or Prevention System alerts, firewall or system logs, and open-source information to identify threat activity and recommend appropriate countermeasures and mitigations
- Identify, investigate, respond to and mitigate possible security exceptions and incidents related to reported, detected and derived threat activities in real time.
- Provide on-call incident support per the established schedule. Weekend coverage (rotation) as part of the international team is required, but only 6 – 8 times per year, with compensatory time reimbursement. You might be required to share on-call duties and perform work on weekends and overnight to respond to high-priority security incidents.
- Coordinate computer network incident response from detection through remediation
- Support incoming Security Operations Center incidents, emails and dashboards, manage workload, and make effective use of ticketing systems and communications technologies to interface with internal and external customers.
- The role is one where the analyst will be tasked with making key decisions on how to navigate through cyber or security events and take a course of action based on the assessment of the current scenario or situation.
- Mandatory requirement to keep information confidential and protected
- Minimum of a 2-year technical degree with 5+ years of relevant experience in information security, or a Bachelor’s or Associate degree (Computer Science, Cyber Security, Information Technology, or Computer Engineering)
- Travel within North America and globally will be required, but infrequently.
- Have previously worked within a Windows or Linux server environment for 2 - 3 years in administration, development (such as DevOps), or a technical troubleshooting role
- Understand networking concepts, protocols, and architecture. A thorough understanding and knowledge of the TCP/IP protocol and IP stack is required, along with the ability to analyze network traffic.
- Broad experience across multiple platforms
- Strong knowledge and/or demonstrated usage of O365, especially Excel for data analytics.
- Knowledge of software/application and operating system hardening
- Understanding of security terminology, either through experience or certifications
- Knowledge or usage of tools such as Splunk, Python, PowerShell, DB query languages / tools or others is required.
- A proven track record of analyzing and troubleshooting technical security issues. The ability to quickly identify and capture the key elements required to troubleshoot or analyze issues or security events.
- Demonstrate significant problem-solving capability
- An ability to handle multiple concurrent issues which could involve multiple time zones and countries.
- An ability to learn and apply new technologies quickly.
- Excellent organizational skills and detail orientation in work habits, as well as the ability to resolve or progress security incidents in a time-sensitive manner.
- An ability and desire to work as part of a diverse international team.
- Excellent communication skills in English (both written and oral) along with an ability to communicate effectively with employees in countries where our client has a presence.
- Strong documentation skills that can accurately and clearly define technical situations or issues.
- Individual should be self-motivated, self-confident, responsible/reliable, and goal oriented.
- Preferred certifications: GCIH, GCIA, GSEC, CCNA/CCNP, Security+ or other certifications that help demonstrate knowledge in this field
- Exposure to or experience with security actions such as patching and malware identification / eradication are strong positives.
- Knowledge of offensive and defensive security measures is a plus
Job Requisition #36600
A reasonable estimate of the pay range for this role is $32.05 - $37.05 per hour.
The disclosed pay range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. The compensation decisions are dependent on the facts and circumstances of each case, such as skills and experience levels.
Company – Staffing – 501 – 1000 employees
APC believes that the workplace should be fun and enjoyable. Join our team today and ignite your career!
APC is a professional services organization focused on engaging people and positively impacting lives. As professionals serving professionals, we take pride in providing our employees with the highest level of customer service and support, creating meaningful, fulfilling and rewarding experiences every day.
APC is committed to creating a diverse work environment and is proud to be an equal opportunity employer. All qualified individuals will receive consideration for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, genetics, or veteran status.