Incident Response Analyst - Day Shift

Tyto Athene is searching for a Tier 1 Incident Response Analyst that will collaborate with members of the SOC team to improve procedures for the SOC to enhance coordination and incident response operations. You must be willing to work in a 24x7x365 SOC environment demonstrate intuitive problem-solving skills and allow for flexible scheduling; monitor network traffic for security events and perform triage analysis to identify security incidents; respond to computer security incidents by collecting, analyzing, preserving digital evidence, and ensuring that incidents are recorded and tracked in accordance with SOC requirements; and work closely with the other teams to assess risk and provide recommendations for improving our security posture.

Responsibilities:

• Utilize monitoring and response technologies such as Endpoint Detection & Response/ Extended Detection & Response (EDR/XDR), log aggregation platforms (Splunk/Sumo Logic), Data Loss Prevention (DLP), and Microsoft and Linux security tools to perform security incident detection and analysis
• Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response
• Recognize attacker and APT activity, tactics, and procedures such as indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and incident response
• Collaborate with team members and key stakeholders to implement remediation plans in response to incidents
• Effectively investigative and identify root cause findings, then communicate findings to stakeholders, including technical staff and leadership
• Author Standard Operating Procedures (SOPs) and training documentation when needed
• Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty

Required:

• Bachelor’s degree or equivalent experience
• Three (3) years of relevant experience and two (2) years of relevant experience as an Incident Response Analyst
• Advanced knowledge of TCP/IP protocols
• Knowledge of Apple, Windows, Linux operating systems\
• EDR/XDR experience
• Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies (Splunk or Sumo Logic experience)
• Deep packet and log analysis

Desired:

• Knowledge and experience with scripting and programming (PowerShell, Python, PERL, etc.) are also highly preferred
• GCIH, GCIA, GCFE, GREM, GCFA, GSEC Security CEH, CISSP, CCNA (Security), or equivalent Certifications
• CySA

Clearance:

• TS/SCI Clearance Required

Location:

• Currently 2 days per week on site, subject to change per the customer

Shift:

• Day Shift Monday through Friday from 6:00AM-4:00PM EST

Benefits:

• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and maternity/paternity leave