Incident Response Analyst
CurrentThoroughly investigate and triage suspicious/malicious activity and escalate or close events, as applicable, utilizing the SIEM and other relevant 3rd party (approved) tools.• Perform Malware analysis through sandboxes, OSINT, and other resources.• Develop operational procedures to implement and continually improve the incident response processes.• Monitor security alerts within the tech stack and investigate potential security incidents.• Monitors incoming event queues for potential security incidents according to established operational procedures.• Analyze the alerts received to classify and assess the impact, managing high-priority incidents, including communication to the business, facilitating root cause analysis and resolution.• Perform cyber security investigations as part of the incident analysis.• Ability to summarize and communicate technical data for non-technical audiences.• Coordinate with other departments the remediation tasks to be performed and escalate unresolved incidents.• Responsible for researching, performing risk analysis, and security audits.• Provide technical and incident response support.• Identify and investigate potential computer and network intrusions.• Perform post-mortem analysis to identify root causes and design controls or measures to prevent future incidents.• Identify, interpret, and report security vulnerabilities on systems and networks.• Write comprehensive investigation reports capturing investigation details and root cause analysis aligned with knowledge of modern Tactics, Techniques, and Procedures (TTPs) for internal/customer purposes.• Establish and maintain communication during Incident Response, written and/or via phone.• Perform research on emerging threat sources/vulnerabilities.• Develop protection strategies.• Initiate and aid in the facilitation of an Incident call bridge with the appropriate members (internal/customer resources). This includes summarizing the activity.