Incident Analyst

  • location: Santa Ana, CA
  • type: Temp to Perm
  • salary: $40 - $43 per hour

job description

Incident Analyst

job summary:
This position is responsible for incident response in a 24/7 Security Operations Center (SOC). The candidate must have at least one year of professional experience performing digital media forensic analysis, static malware code disassembly and analysis, and runtime malware code analysis. Additionally, they must have a minimum of one year of professional experience responding to information system security incidents, and must be able to use common industry security toolsets to identify and determine the root causes of incidents and to provide required documentation and possible evidence to authorized personnel with legal or investigative authority in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).

 
location: Santa Ana, California
job type: Contract
salary: $40 - $43 per hour
work hours: 8am to 5pm
education: Bachelors
 
responsibilities:
  • Develop moderately complex security designs and test plans using existing technology.
  • Perform and document root cause analysis for security incidents.
  • Perform and document all aspects of Digital Media Forensics Analysis using forensics tools (EnCase Forensic).
  • Work closely with the SAIC CISO to identify and recommend process and system improvements to the security program.
  • Create relevant documentation and recommendations for changes to the current security architecture.
  • Drive the capabilities and execution to effectively optimize and improve enterprise security.
  • Demonstrate expert level knowledge of security services and implementations.
  • Investigate, positively identify, and document anomalous events and incidents that are escalated by Tier 1 engineers.
  • Document and escalate appropriate events and incidents to Tier 3 engineer.
  • Examine cyber adversary techniques in order to develop defensive methodologies.
  • Conduct risk analysis and convert it into actionable monitoring recommendations to be conducted by the SOC.
  • Recommend remediation and mitigation strategies and implementations based on the results of vulnerability assessments, to ensure effective achievement of the organizational objectives.
  • Provide support for security incidents throughout the incident lifecycle as needed and make recommendations to ensure enterprise infrastructure is protected.
  • Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
  • Work with the SAIC CISO to develop a metrics program to report on overall SOC performance and effectiveness.
 
qualifications:
  • Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity or a related field and a minimum of one year of experience in Cyber Security.
  • Must be able to meet all Law & Justice and departmental clearance requirements prior to starting work and be eligible to pass law enforcement level background investigations and obtain U.S. SECRET (or similar) clearances as required.
  • Demonstrated Experience with Cyber Security E-mail and Incident Response including expert experience in at least two of the following areas:

    • (a) Vulnerability Assessment;
    • (b) Intrusion Prevention and Detection;
    • (c) Access Control and Authorization;
    • (d) Policy Enforcement;
    • (e) Application Security;
    • (f) Protocol Analysis;
    • (g) Firewall Management;
    • (h) Incident Response;
    • (i) Encryption;
    • (j) Web filtering;
    • (k) Advanced Threat Protection
  • Security+ and/or CySA+.
  • Experience with Security Information and Event Management Tools (LogRhythm).
  • Experience using digital media forensic tools (EnCase Forensic).
  • Experience performing digital media forensic analysis, static malware code disassembly and analysis, and runtime malware code analysis.
 
skills:
  • Experience writing moderately complex scripts.
  • Understanding of networking concepts and technologies including TCP/IP, Routing, Switching, NAT, OSI Model, etc.
  • Ability to manage multiple projects and multiple deadlines in an organized fashion.
  • Understanding of advanced data analysis and management concepts.
  • Technical writing abilities to author technical and management risk reports.
  • Develop cyber security analytics and threat intelligence using multiple data sources provided to the Security Information and Event Management (SIEM) system.

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

Qualified applicants in San Francisco with criminal histories will be considered for employment in accordance with the San Francisco Fair Chance Ordinance.

We will consider for employment all qualified Applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.

