Lead Security Incident Response Analyst

Salary depends on experience
Posted on 09/21/17
5 - 7 years experience
Arts & Entertainment

As the Lead Incident Response Analyst within Blizzard’s Global Security Operations group, you will lead the charge in Tier 2 and above investigations that revolve around securing our enterprise data and IP assets. When Sombra comes calling, you’ll be waiting to teach her a lesson. 

You’ll partner across a wide range of security and technology resources to lead the IR process from discovery through analysis, containment, and eradication. You’ll be Blizzard’s security incident response leader, responsible for all communication, technical analysis, and forward planning.

In addition, you will maintain the IR documentation and runbooks, and lead incident response drills. You’ll also provide regular feedback to the Blue Team to enhance their detective capabilities, and challenge the Red Team to shut down their offensive campaigns.

You’re a communicator who enjoys working with a highly talented, cross-functional team, and you’re looking for a serious challenge.

Responsibilities

  • Lead the Incident Response team and manage incidents through to resolution in partnership with departments across the organization
  • Oversee forensic investigation capabilities ranging from system to network activity and all artifacts which tell a story of what could have happened
  • Translate technical details pertaining to incident response into consumable elements for non-technical groups
  • Partner with and maintain relationships with external resources that could be associated with incident response
  • Maintain and perform upkeep on the policies, protocols and runbooks associated with the IR team; communicate and train non-security departments involved through documentation and recurring tabletop exercises and simulations
  • Lead post-incident after-action reviews to determine what went well and what needs improvement, and track remediation elements with applicable groups
  • Supply enhancements to detection and prevention systems managed by the Blue Team as necessary and collaborate with the Red Team on campaigns they execute

Requirements

  • 5+ years of experience as a security professional or in a technical role with a heavy emphasis on security & investigations
  • Awareness and application experience pertaining to the various incident response frameworks (e.g., NIST)
  • Experience leading technical resources (internal or external) performing forensic investigation functions
  • Understanding of chain of custody, legal proceedings and how law enforcement could integrate with an incident response program
  • Outstanding communication capabilities, written and oral, with a knack for delivering presentations on IR-related activities to audiences of all technical levels
  • Bachelor’s degree, or equivalent professional experience