This position serves as the first line of defense: it interfaces with users who report suspicious or malicious activity and is responsible for identifying and responding to security threats.
Owns incident confirmation, response, data collection, investigation, and analysis.
Applies knowledge of computer and network architecture during investigations to identify adversary activity and to derive methods for future detection and prevention.
Completes investigations using a combination of open-source research, network and host forensic analysis, log review and correlation, and PCAP analysis.
Composes and presents reports on findings to leadership after intrusion incidents.
Manages the incident lifecycle, ensuring all investigations are kept current and brought to completion.
Assumes responsibility for establishing and maintaining effective communication, coordination, and working relations with area staff and management
Assumes responsibility for related duties as required or assigned
Certifications preferred: two required (GCIH plus one other analyst-level certification)