What are the responsibilities and job description for the Incident Response Analyst position at Idexcel?
Job Title: Incident Response Analyst
Location: Hybrid - Raleigh NC
Duration: Long-term (24 Months)
Job Summary:
Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security.
Must demonstrate a solid understanding of cyber security analysis, incident response, incident handling, and a proven incident response team. Experience with Splunk, Sentinel One, Armis, and SNA preferred.
Duties:
Support the development of staff schedules and staffing forecasts for approval.
Ensure shift members follow the appropriate incident escalation and reporting procedures.
Provides support promptly and efficiently through front-line telephone and email communications.
Ingest, triage, prioritize, assign, track, document, and manage incidents and results.
Provide technical support in response to computer security incidents.
Correlate, map, and fuse any and all incident information for the development and distribution of cyber alerts and notices or other products as required.
Document technical details of current or potential intruder threats consistent with NIST 800-61: Computer Security Incident Handling Guide.
Must be flexible and able to work within a 24X7X365 support environment.
Manage information requests that may be considered out of the scope of the incident management service and route appropriately.
Coordinate, communicate, share information, and work closely with client's components.
Assist with developing and maintaining Standard Operating Procedures (SOPs).
Experience Level:
5 years of experience in computer forensics or vulnerability analysis.
5 years of experience in information security, especially in an incident response role.
1 year of experience as a certified investigator.
Education:
Must possess a minimum of a Bachelor's Degree, Master's Degree, PhD, or JD in a technical specialty such as cyber security, computer science, management information systems, or related IT field (Master's Degree Preferred).
Certifications: (One or more required):
Certified Investigator
CISSP
GCIH
GPEN
