Senior Cybersecurity Incident Response Analyst

About Xerox Holdings Corporation
For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we’ve expanded into software and services to sustainably power today’s workforce. From the office to industrial environments, our differentiated business solutions and financial services are designed to make everyday work better for clients — no matter where that work is being done. Today, Xerox scientists and engineers are continuing our legacy of innovation with disruptive technologies in digital transformation, augmented reality, robotic process automation, additive manufacturing, Industrial Internet of Things and cleantech. Learn more at www.xerox.com and explore our commitment to diversity and inclusion.
Overview:
The Senior Incident Response Analyst supports the incident response process within the Xerox Cyber Defense team. The qualified candidate will analyze, contain, and recover from any detected or reported issue in accordance with cyber security incident management process.
Primary Responsibilities:

• Act on behalf of the incident response management if/when necessary to maintain target service delivery levels and mitigation of incidents on Xerox network and/or against Xerox resources
• Collaborating with the managed security services supplier in designing rules/alerts within the security information & event management system (SIEM) and/or other security technologies employed by Xerox to swiftly detect and/or prevent compromise to systems and/or information
• Own end to end incident response process and lead a team of highly technical incident response analysts
• Perform eDiscovery assignments and forensic analysis in accordance with standard legal hold policies, procedures, and in alignment with record retention guidelines as required by the Office of General Counsel
• Analyzing, triaging and managing incidents end-to-end based on business impact and applicable privacy/legal/regulatory requirements
• Analyze data from various sources to identify possible risk indicators, determine possible root cause and identify preventative actions

Qualifications:

• Uncompromising personal and professional integrity and ethics
• Strong written and communication skills
• At least 4+ years of professional experience in an incident response role
• Strong attention to detail, time management and analytical skills
• Associates or Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, or related field
• Understanding of IDS/ IPS, SIEM, email security, EDR and end point protection technologies
• Preferred – A technical certification such as ECIH, CCFP, GCFE, GCFA, or equivalent is desired
• Strong understanding of network, application layer and OS fundamentals
• Experienced in performing disk/ memory forensics and/or malware analysis
• Experienced in Splunk and QRadar
• Knowledge of common security vulnerabilities including OWASP Top 10 and SANS 25
• Experience analyzing and responding to incidents in cloud environments
• Experienced in offensive security