Level 3 Incident Response Analyst
Posted 7 days ago
Job Description
Experienced cybersecurity professional handling incident response at National General: leading investigations, improving security capabilities, and mentoring junior analysts.
Responsibilities:
- Lead end-to-end incident response activities from triage through closure
- Manage high-severity threats from start to finish, ensuring all actions are thoroughly completed
- Partner with engineering teams to improve detection rules and integrate tooling that enhances security capabilities
- Facilitate incident response retrospectives and surface operational gaps and improvement opportunities
- Mentor SOC analysts and serve as a subject-matter expert for complex security challenges
- Help refine and maintain SOC workflows to ensure clarity, efficiency, and ongoing maturation
- Analyze large volumes of security telemetry to identify patterns, build custom queries, and uncover hidden threats
- Develop application-specific detection rules and response procedures with system and application owners
- Coordinate evidence collection and produce documentation for both technical and non-technical audiences
- Contribute to the development of operational and executive reporting
- Create and prioritize backlogs that drive desired business outcomes by incorporating insights and improvement actions identified during incident response retrospectives
- Maintain active communication with teammates and cross-functional partners to strengthen overall response capability
Requirements:
- 7+ years of hands-on Cybersecurity experience
- 5+ years in Incident Response and/or Digital Forensics
- Strong background in Incident Response, Incident Handling, and Security Operations
- Extensive knowledge of Windows and Linux operating systems and associated applications (IIS, SQL, Apache, etc.)
- Strong knowledge of cloud computing services including Azure, GCP, & AWS
- Proficiency with EDR/XDR platforms (CrowdStrike, SentinelOne, Microsoft XDR)
- Experience using SIEM platforms (Splunk, Microsoft Sentinel, Elastic, Chronicle)
- Experience with next-generation firewalls (Cisco ASA, Palo Alto)
- Practical knowledge of MITRE ATT&CK and common threat-actor TTPs
- PCAP and network-traffic analysis skills using Wireshark or Zeek
- Scripting familiarity (Python, PowerShell, Bash)
Additional information:
- Equal Opportunity employer – Veterans/Disabled and other protected categories
- Candidates must possess authorization to work in the United States