Conduct thorough investigative actions based on security events and remediate as dictated by standard operating procedures.
Participate in all phases of the incident response process, including detection, containment, eradication, and post-incident reporting.
Record detailed Incident Response activities in the Incident Case Management System.
Monitor the Tier 2 ArcSight security console for security alerts, and establish threat levels based on asset classification and data classification.
As assigned by the Case Management System, perform investigations of the corporate systems, desktops and network using standard operating procedures and methods, looking for indications of attack and/or compromise as indicated from alerting infrastructure.
As assigned by the Case Management System, remediate desktop malware, communicating with respective IT Staff as needed.
Where appropriate, submit malware from investigative work to the anti-virus vendor for new anti-virus signatures, and follow up with the vendor.
Provide details of investigations in Case Management Systems.
Provide daily updates of assigned and outstanding IR cases.
Provide feedback to IR staff in the enhancement of forensic gathering process capabilities.
Bachelor’s degree and 5 years of cybersecurity incident investigation and remediation OR Master’s degree in Information Security and 2 years’ experience performing cybersecurity incident investigation and remediation.
Experience with incident response tools:
Carbon Black, CrowdStrike, Tanium, EnCase, AccessData FTK, Sysmon