Carrier Corporation is looking for an Incident Response Analyst to define the direction of security incident response activities for the business unit. The analyst drives, implements, and manages security incident response procedures, using a variety of tools and technologies to rapidly identify and respond to threats.
- Manages and coordinates response teams/vendors during security incidents (phishing, DDoS, malware, etc.) through resolution and to the lessons-learned stage, and coordinates with the corporate office.
- Develops tactical response procedures for security incidents.
- Reviews alerts and data from systems and responds accordingly, including documentation and escalation.
- Recommends and implements mitigating actions to contain incident-related activity.
- Collects and manages technical intelligence using technology-based tools or methodologies.
- Manages and uses SIEM, A/V, Internet content filtering/reporting, malware prevention, firewalls, IDS & IPS, Web security, and anti-spam technologies.
- Bachelor’s degree (BA) or equivalent combination of education and experience
- A minimum of 4+ years’ experience in a security incident response role, with responsibility for analyzing alerts/threats, responding accordingly, and developing incident response plans and procedures.
- Previous experience using a SIEM to analyze and correlate activity.
- Knowledge of Active Directory log events
- Previous experience identifying indicators of compromise and writing custom alerts
- Knowledgeable in security technologies, procedures, and standard methodologies to include functions such as Web Application Firewalls, Intrusion Detection Systems, File Integrity Monitoring, SIEM, and Vulnerability Scanning
- Experience documenting incident cases and leading lessons learned meetings
- Certifications a plus: CISSP, CEH, GIAC, GCIH, ECIH, CSIH, Security+
- Mergers, Acquisitions or Divestitures experience a plus
Job ID 01294986