Cyber Security Incident Response Analyst IT

Eagan, Minnesota
Mar 15, 2019
Job Type
Full Time

The Cyber Security Incident Response Analyst is primarily responsible for monitoring and responding to alerts triggered by Information Security controls and tools. The analyst executes processes that enable the organization to detect and prevent computer security and cyber threats, and works with cross-functional teams on incident investigations, response activities, and vulnerability identification and reporting.




  • Provide Level 1 security triage for Malware and other malicious software, identify remediation and prevention options, and work with IT teams as appropriate to ensure remediation is completed
  • Provide support responding to alerts and entering trouble tickets, monitor for network security events, complete pre-defined security analysis activities, perform Level 1 security diagnostics and escalate issues according to standard operating procedures
  • Perform basic analysis of log files, including forensic analysis of system resources (memory, running processes, network packet captures, etc.)
  • Create, modify and maintain Security Incident Response playbooks, runbooks, policies, processes and procedures
  • Conduct vulnerability scanning; analyze and prioritize identified vulnerabilities; differentiate between real vulnerabilities and false positives; identify remediation options; and continually identify and enhance vulnerability management processes and procedures, working with numerous IT support teams and application development teams to establish best practices for vulnerability remediation
  • Respond to security violations and identify trends or exposures that could be addressed by additional training, technical measures, or use of application tools to enhance security
  • May provide limited input on Incident Response or Security Domain projects
  • Other duties as assigned

Minimum Qualifications


  • Bachelor’s degree in computer science or related area of study or equivalent combination of education and/or relevant work experience; HS diploma or GED is required
  • 3 years in the Information Security field
  • 3 years in Information Technology
  • Must be eligible to work in the United States without need for work visa or residency sponsorship

Additional Qualifications


  • Basic working knowledge of technical security solutions such as IDS/IPS, secure remote access, firewalls, encryption, VPNs, secure protocols, data protection, data loss prevention, and behavioral Malware
  • Basic understanding of regulatory requirements (PCI, HIPAA, SOX, etc.)
  • Basic understanding of networking protocols (TCP/IP, UDP)
  • Ability to conduct meetings and give presentations
  • Good critical thinking and analytical skills
  • Good multi-tasking skills
  • Project management skills

Preferred Qualifications


  • Exposure to Computer Security Incident Response and SIEM event correlation or a similar tool
  • Background with scripting and log analysis tools
  • Experience with QRadar and ServiceNow or similar tools
  • Exposure to and knowledge of deploying and configuring scanning and analysis technologies

Minimum Physical Job Requirements


  • Ability to travel up to 5% of the time
  • Ability to work a flexible schedule including on-call 24x7 as needed
  • Constantly required to sit, use hands to handle or feel, talk and hear
  • Frequently required to reach with hands and arms
  • Occasionally required to stand, walk and stoop, kneel, and crouch
  • Occasionally required to lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds
  • Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus

Reporting Structure


  • Reports to a Manager in the Information Technology department

Prime Therapeutics LLC is an Equal Opportunity Employer. We encourage qualified minority, female, veteran, disabled, and other diverse candidates to apply and be considered for open positions.