Sr. Incident Response Analyst

The Security, Risk, and Compliance division of the National Association of Insurance Commissioners (NAIC) has an exciting opportunity for an Sr. Incident Response Analyst that reports to the Incident Response Manager. The Sr. Incident Response Analyst will monitor, analyze, and respond to security events, ensuring threats are quickly identified and mitigated.

This position is located in the NAIC's state-of-the-art offices in Town Pavilion in the heart of downtown Kansas City which includes great restaurants and top-notch entertainment venues. This is a full-time hybrid position in a positive and flexible environment. Residency within 100 miles of the Kansas City, Missouri office is required.

Responsibilities include:

• Monitor and analyze security alerts from SIEM, Endpoint XDR, and other security tools.
  

• Leverage SOAR platform to enhance automation in incident response workflows.
  

• Investigate security events to determine their impact, root cause, and necessary remediation actions and Develop detection methods for identifying suspicious or malicious activity.
  

• Conduct root cause analysis and document incident findings.
  

• Support post-incident reviews to identify improvements in security posture and maintain and improve incident response playbooks and procedures.
  

• Participate in threat-hunting activities to proactively identify vulnerabilities and potential security threats.
  

• Stay up to date with emerging cyber threats and evolving attack techniques.
  

Systems & Technology Requirements

• Microsoft Office Suite/365;
  

• Slack
  

• Jira
  

• Security Information and Event Management (SIEM)
  

• Endpoint XDR or relevant technology such as Next Generation firewalls, malware protection tools, AWS and Virtual environments.
  

Travel Requirements

• This position could require, out-of-state, overnight travel in support of member meetings and events throughout the year. An ideal candidate must be able and willing to travel to locations throughout the United States and with such frequency as necessary to meet the needs of this position and the Association.
  

Minimum Education and/or experience required:

• Bachelor's degree in cybersecurity, information technology, or related field OR equivalent hands-on experience. Minimum of 2-4 years of experience in Security Incident Response or Technical Engineering or an equivalent combination of education and experience.
  

Preferred Certifications:

• Familiarity with industry security standards (NIST 800-53, ISO 27001/27002) a plus.
  

• CompTIA Security , (ISC)² Certified in Cybersecurity (CC), Cisco Certified CyberOps Associate (CCCA) preferred
  

Compensation:

$79, 509 - $95,000, commensurate with education and experience