Incident Response Analyst Jobs

CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively.

CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.

We are currently looking for an IR Specialist to join our team in the US for one of our leading Client Engagements.

Requirements:

- Evaluate alert/incident response requirements from stakeholders and determine the feasibility of response goals.

- Develop and document Alert/Incident Triage and Response processes.

- Create Investigation Guidelines and recommended actions for Alerts/Incidents.

- Identify procedures that are frequently repeated or systematic in nature that are candidates for automation.

- Ensure completeness and accuracy of the Use Case Kit content and metadata.

- Train the SOC L1 teams on newly developed triage and response procedures as part of the operational acceptance of Use Case Kits.

- Mentor, train, and support the less senior Playbook and Use Case Content Developers.

- Recommend, schedule, and apply fixes, security patches, and any other measures required.

- Analyse malware cases mainly from Tanium EDR and Cortex XDR

- Mailbox monitoring (users will write to inquire and/or report cyber incidents via mailbox)

- On call during work hours (Group users may call the hotline to inform on any incidents)

- Collaborate with other regions or people from other teams (threat intel, forensics, legal...) for major incidents.

Requirements:

- Minimum of 5 years of experience in Information Security.

- In-depth operational experience with SIEM technologies.

- Minimum 2 years' experience in the playbook and IR response development.

- Minimum of 2 years' experience working in a SOC performing Alert/Incident Management and Response as a Level 1 Analyst and atleast 1 year as a Level 2 Analyst

- Penetration Testing experience or Security Assessment consulting.

- Any of the following certifications are a plus: CISSP, C|EH, CISA, CISM, C|CISO, GIAC, CompTIA Security+, NCSF, CCSP, GIAC (any).

- Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively.

- Strong communicator and fluent in English.

- Excellent interpersonal and Analytical Skills to work effectively as a team player.