What you’ll be doing…
The Incident Response Analyst provides oversight of incident data flow and response, content, and remediation, and partners with other incident response centers in maintaining an understanding of threats, vulnerabilities, and exploits that could impact networks and assets. Performs real-time proactive security monitoring and reporting on various security enforcement systems, such as SIEM, Anti-virus, Internet content filtering/reporting, malcode prevention, Firewalls, IDS & IPS, Web security, Anti-spam, etc. Performs the role of primary incident coordinator for all IT Security events requiring focused response, containment, investigation, and remediation.
Perform analysis on hosts running on a variety of platforms and operating systems, to include, but not limited to, Microsoft Windows, Mac Operating System (OS), UNIX, Linux, as well as embedded systems and mainframes.
Monitor open source channels (e.g. vendor sites, Computer Emergency Response Teams, SysAdmin, Audit, Network, Security (SANS) Institute, Security Focus) to maintain a current understanding of Computer Network Defense (CND) threat condition and determine which security issues may have an impact on the enterprise.
Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security.
Leverages tools including Tanium, FireEye suite, GRR, Volatility, SIFT Workstation, MISP, and/or Bro as part of duties performing cyber incident response analysis.
Track and document CND hunts and incidents from initial detection through final resolution.
Collect intrusion artifacts (e.g., source code, malware, and Trojans) and use discovered data to enable mitigation of potential CND hunts and incidents within the enterprise.
Perform forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
Perform real-time CND hunt and incident handling (e.g. forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) tasks to support deployable Hunt and Incident Response Teams (IRTs).
Write and publish CND guidance and reports (e.g. engagement reports) on incident findings to appropriate constituencies.
Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
Utilizes data analytics tools including Splunk to make sense of machine data in performing responsibilities.
Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
May be required to travel up to 25% of time.
What we’re looking for…
Bachelor’s degree in a technical discipline with a minimum of 3 years related technical experience.
Active Top Secret Security Clearance with the ability to obtain a TS/SCI is required. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.
Familiar with network analytics including Netflow/PCAP analysis.
Understanding of cyber forensics concepts including malware, hunt, etc.
Understanding of how both Windows and Linux systems are compromised.
Even Better If You Also Have:
DHS Suitability at the SCI level
Experience using Splunk for system data analytics and monitoring
Experience performing cyber forensics, malware analysis, cyber hunt, etc.
A professional certification such as GCFA, GNFA, GREM, or GCIH
When you join Verizon…
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We’re proud to be an equal opportunity employer and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
To apply for this job please visit itjobpro.com.