Senior Analyst, Cyber Security Incident Response

  • SES
  • Manassas, VA, USA or Princeton, NJ
  • 06/07/2018
U.S. Citizen / Clearance Not Required Cybersecurity

Job Description

The jobholder monitors and analyses security events from multiple sources and manages security incidents to ensure a coordinated, timely and effective response to security incidents.

 

The jobholder ensures SES security incident response readiness and drives the definition, implementation and continuous improvement of SES’s security incident response framework.

The jobholder supports key security management processes by providing intelligence from security incidents and identified vulnerabilities and threats.

PRIMARY RESPONSIBILITIES / KEY RESULTS AREAS

 

  • Collect and analyse security information from different information resources to identify relevant threats and vulnerabilities and disseminate synthesized intelligence information within SES
  • Monitor and analyse security events from multiple sources to identify security incidents
  • Perform in-depth technical analyses of security threats and incidents, including malware analysis, network and system forensic analyses
  • Manage security incidents to ensure a coordinated, timely and effective response to security incidents
    • Assess and triage security incidents and coordinate the appropriate notifications and escalations in a timely manner
    • Coordinate response actions in virtual incident response teams
    • Document security incidents, including analysis results, the timeline of events and incident response activities
  • Ensure SES security incident response readiness by driving the definition, implementation and continuous improvement of SES’s security incident response framework, including
    • relevant policies, processes and procedures,
    • incident response tools and
    • training of actors in the response process
  • Provide synthesized intelligence from different information resources and security incidents to support key security management processes, such as
    • the development and promotion of information security policies, standards, processes and procedures and monitoring compliance to the information security policy framework
    • information security risk management and
    • the development and maintenance of SES’s information security awareness program
  • Travel and on-call duty as required

 

COMPETENCIES

  • Ability to coordinate cross-functional incident response teams and work, both autonomously and in interdisciplinary teams
  • Excellent experience in managing large and small scale incidents
  • Autonomous, innovative mind with sound analytical skills
  • Stress resistance and able to manage multiple incidents and tasks at the same time
  • Excellent written and verbal communication skills in English
  • Excellent team player
  • Ability to effectively interact with organizational stakeholders

 

QUALIFICATIONS & EXPERIENCE

  • Degree in Computer Science and minimum of 3 (6) years industry related experience in computer security and incident response
  • Excellent experience managing large and small scale incidents
  • Solid knowledge of and hands-on experience with state of the art incident response and forensics tools, techniques and tactics
  • Experienced in employing best practices and forensically sound principles, such as evidence handling and chain of custody
  • Good experience in malware analysis and reverse engineering
  • Experienced in capturing memory, disk images and network traffic and analyzing them for indicators of compromise
  • Good experience in analyzing and triaging security events from various sources
  • Good programming and scripting skills in different programming/scripting languages
  • Excellent understanding of the tools and tactics used by different threat agents
  • In-depth knowledge of computer forensics, security vulnerabilities and exploits
  • Strong knowledge in system security, application security and network security
  • In-depth system security knowledge (multiple operating systems, including Windows platforms, and Linux) and application security knowledge, including a clear understanding of their vulnerabilities, exploits and how to secure them
  • Solid working knowledge of security technologies, such as Antivirus, Network and Host Intrusion Detection Systems, Web Proxy/Content Filtering, Authentication technologies, Security Information and Event Management
  • Relevant security certifications (e.g., GCIH, GCFE, GCFA, GREM, GCIA) and product certifications are a plus
  • NATO/EU SECRET clearances are considered a strong asset. Candidate must be willing to undergo a security clearance procedure as this position might require holding security clearance

OTHER KEY REQUIREMENTS / COMMENTS

  • Travel and on-call duty as required
  • Openness for worktime flexibility within 6 AM - 10 PM timeframe.

 

 

SES is an Equal Opportunity and Affirmative Action Employer.