Incident Response Analyst

Incident Response Analyst

The Goal consulting team is seeking a passionate and highly skilled Incident Response Analyst to support a critical customer mission. Our team's services ensure the long-term success of our clients by providing talented, passionate, and specialized security monitoring, threat intelligence, and incident management consulting expertise. We are looking for motivated and experienced consultants with great customer service skills to help customers assess, design, and build their own advanced threat detection capability and help to continually improve our own program methodology. The selected candidate will posses sstrong consulting skills, be adept in leading multiple projects under tight deadlines, and possess in-depth experience in security event monitoring, cyber threat intelligence, and/or computer incident response.

Responsibilities:

  • Lead organization in maturing incident response and digital forensics processes
  • Manage existing capability in collecting, analyzing, escalating, and responding to cyber-attacks
  • Interface with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients
  • Oversee and manage implementation improvements to our client's business processes, methodologies, and client communication methods
  • Provide expert experience building information security programs to include hands-on implementation and/or assessment of security controls
  • Provide expert in-depth knowledge in collecting, analyzing, and escalating security events; responding to computer security incidents, and/or collecting, analyzing, and disseminating cyber threat intelligence
  • Use formal project management skills in planning, tracking, and reporting on project progress
  • Contribute/Provide Customer with immediate capability enhancements that will serve as the base foundation for more complex process automation and optimization. This includes, but is not limited to, customized use case development that will define Customer's monitoring and detection capability, aligned to the cyber kill chain
  • Develop corresponding operational incident response playbooks for each use case. The playbooks will document the operational processes to identify, analyze, escalate, and remediate specific security incidents
  • Review and revise Incident Response Plan (IRP) to reflect enhancements.
  • Develop playbooks as determined by the City (i.e.Spear Phishing Attack, Network Denial of Service,Potential Host Compromise Windows Workstation, Rogue Host or Access Point Detected, Extortion,etc.)

Requirements:

  • Bachelors degree in a technical discipline (or equivalent work experience)
  • 5-8 years of comparable experience
  • Experience managing and leading teams in SOC environments
  • Prior interaction with C-level executives
  • Experience with the critical tools used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations
  • Thorough understanding of cyber security operations, event monitoring, and SIEM tools
  • Fundamental understanding of network protocols
  • Understanding of security controls for common platforms and devices, including Windows, Unix, Linux, and network equipment
Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!