What are the responsibilities and job description for the Global Cybersecurity Incident Response Analyst position at Inclusively?
Inclusively is partnering with a safety science company to hire a Global Cybersecurity Incident Response Analyst. **Please note: this role is NOT an internal position with Inclusively but with the partner company.**
ABOUT INCLUSIVELY:
Inclusively is a digital tech platform that empowers job seekers with disabilities, caregivers, and veterans by using Success Enablers–accommodations and personalized workplace modifications that help all job seekers reach their full potential and excel. This includes all disabilities under the ADA, including mental health conditions (e.g. anxiety, depression, PTSD), chronic illnesses (e.g. diabetes, Long COVID), and neurodivergence (e.g. autism, ADHD).
Create your profile, select Success Enablers, and connect to jobs from our partnered employers who are committed to creating diverse and inclusive teams. When registering, you must acknowledge that this platform is for people with disabilities, caregivers, and veterans. However, Inclusively does not require candidates to disclose their specific disability to join the platform.
RESPONSIBILITIES
- Investigate and triage cybersecurity incidents as assigned in the ServiceNow platform according to the documented Cybersecurity Incident Response process.
- Communicate with UL associates across the organization to gather information and evidence required to investigate cybersecurity incidents.
- Take assignment of incident tickets and determine appropriate course of action, including escalation to senior team members or management where appropriate.
- Document cybersecurity incident details and incident timeline in accordance with documented Cybersecurity Incident Response Team standards.
- Collaborate with Cybersecurity Incident stakeholders to identify opportunities for process improvement and/or implementation of controls to prevent the recurrence of incidents.
- Identify and communicate cybersecurity risks during the incident response process to the Cyber Risk Team and Organizational stakeholders.
- Perform Digital Forensics Incident Response triage on Windows, Linux, and macOS hosts as required to investigate incidents using EDR and forensic tooling.
- Create IR playbooks and technical documentation as needed to drive process improvement and knowledge management.
- Assist the Cybersecurity Team with the capture of cybersecurity incident performance metrics using data analytics with ServiceNow.
- Assist team with monthly status reporting of deliverables, milestones, and notable achievements for greater Cybersecurity Team all-hands meetings.
- Assist Compliance and Audit teams with information requests to support regulatory and compliance audits.
QUALIFICATIONS
- Possess 1-3 years of experience working as a SOC Analyst or Cyber Incident Responder, or in an IT Incident Management role.
- Have experience with Wireshark, Zimmerman Tools, Autopsy, Kali Linux.
- Have experience working in a large enterprise company across various geographic regions and time zones.
- Strong written and verbal skills, and ability to present technical topics to a non-technical audience.
- Experience creating technical documentation and knowledge base (kb) articles as needed to drive process improvement and knowledge management.
- Be able to work independently or with minimal supervision to complete work.
- Have familiarity with project management, with the ability to manage multiple tasks related to project work.
- Experience using an EDR tool (Crowdstrike, Carbon Black, Microsoft Defender) is preferred.
- Experience using a Security Information Event Manager (SIEM) Solution (Splunk, SumoLogic, Sentinel, ELK) a plus.
- Experience using the ServiceNow CRM platform is a plus.
- Familiarity with Windows PowerShell scripting language is preferred. Python experience is a plus.
- Should be familiar with Active Directory fundamentals. Familiarity with RSAT PowerShell tools a plus.
- Experience with Microsoft EntraID and M365 Security and administrative fundamentals a plus.
Preferred Certifications:
The preferred candidate should have a bachelor’s degree or commensurate experience.
The preferred candidate will have a CompTIA Security+ or CompTIA Network+ certification.
SANS Certificate is preferred (GCIH, GCFA, GSEC, GCIA, GPEN)
Specialized Skills Required:
- Working cybersecurity incidents and supporting the team with tasking on incidents of larger scope
- Proficiency with Digital Forensics Incident Response tools and techniques
- Creating and documenting IR playbooks to support the IR program.
- Assisting with monthly reporting for team meetings and performance metrics
Salary: $90,000 to $105,000