Job Responsibilities
- Provide real-time analysis and triage of security events to support the initial response efforts.
- Analyze log files from endpoints, EDR systems, firewalls, and servers to identify, contain, and remediate suspicious activity.
- Analyze malicious scripts and code to mitigate potential threats.
- Engage in Threat Hunting operations to proactively identify and mitigate threats.
- Conduct predictive or reactive analyses on security measures to support cyber security initiatives.
- Create system images or capture network settings from information technology environments to preserve as evidence.
- Forensically duplicate digital evidence to use for data recovery and analysis procedures.
- Perform web service network traffic analysis or waveform analysis to detect anomalies, such as unusual events or trends.
- Contribute to the analysis of cyber threat intelligence and apply findings to bolster ESOC's defensive and responsive actions.
- Perform post-incident analysis, assisting in identifying root causes, capturing lessons learned, and reinforcing security measures.
- Contribute to training and skill development opportunities for self and other team members.
- Develop or refine policies and requirements for data collection, processing, and reporting.
- Recommend cyber defense software or hardware to support responses to cyber incidents.
- Adhere to legal policies and procedures related to handling digital media.
- Stay current on emerging threats, attack techniques, and vulnerabilities.
- Write and execute scripts to automate tasks, such as parsing large data files.
- Write cyber defense recommendations, reports, or white papers using research or experience.
- Write technical summaries to report findings.
Job Qualifications
- Bachelor's Degree in Computer Science, Information Management (IM), Information Technology, Engineering, or equivalent with 6 years of technical experience, or 4 years' experience in IT Solutions at the senior management level
- Certified Information Systems Security Professional (CISSP)
- Certified Incident Handler, Certified Intrusion Analyst, Certified Ethical Hacker, or similar certifications
- Project Management Institute (PMI) Project Management Professional (PMP)
- Information Technology Infrastructure Library (ITIL) 4 Foundation
- 10 years of successful enterprise experience in an IT or technology-related field, with the last 5 years on large government technical BPAs/contracts
We’re actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy:
- Competitive salary, paid twice per month
- Best in class medical coverage
- 100% of medical premiums covered by True Zero
- Company wide new business incentive programs
- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)
- 3 weeks of PTO starting + 11 Paid Holidays Annually
- 401k Program with 100% company match on the first 4%
- Monthly reimbursement of Cell Phone and Home Internet costs
- Paternity/Maternity Leave
- Investment in training and certifications to broaden and deepen your technical skills