IT Security Analyst 3- Incident Response

Location: Dimondale, MI
Date Posted: 08-02-2018
12 Months
Interview Mode: Phone + F2F
Job Description:
  • Member of the Michigan Security Operations Center (MiSOC) and will focus on Incident Response.
  • Identify security issues and risks associated with security events and manage the incident response process.
  • Participate in the incident response and investigation process for identified security events.
  • Use the Security Information and Event Management (SIEM) platform (IBM’s QRadar) to identify and respond to security incidents.
  • Perform network and system forensics in response to security incidents.
  • Optimize and customize security-monitoring tools to improve detection.
  • Hunt for signs of APT activities.
  • Maintain and update the security operational workflow.
Skills and Experience:
  • In-depth knowledge of security monitoring and incident response. Required 5 Years
  • Knowledge of conducting security investigations. Required 5 Years
  • Experience with using and customizing SIEM products. Desired 5 Years
  • Solid understanding of network protocols and architecture. Required 5 Years
  • Demonstrated experience with performing digital forensics and incident response using industry-leading tools. Required 5 Years
  • Experience with network intrusion detection and analysis tools such as Bro, Suricata, Sourcefire, Snort and Wireshark. Required 5 Years
  • Experience solving problems with scripting languages such as Perl, Python, PowerShell or Bash. Required 5 Years
  • Demonstrated experience operating information security tools. Required 5 Years
  • Demonstrated experience integrating information security tools. Required 5 Years
  • Understanding of the tactics, techniques and procedures of advanced attackers. Required 5 Years
  • Ability to leverage multiple forms of communication to articulate complex concepts to technical and non-technical staff, including senior management. Required 5 Years
  • SANS Training. Desired
  • EnCase Certified Examiner (EnCE). Desired
  • Offensive Security Certified Professional (OSCP). Desired
  • CISSP. Desired
  • 3-5 years of experience in Security Operations and Incident Response. Required 3 Years