|Preferred GIAC Certifications||GCIH GCIA GCFA|
|Contact Name||Rick Schroeder|
I'm looking for a senior IR analyst for a remote position. Due to tax restrictions, candidates need to reside in one of the following states: Florida, Pennsylvania, Idaho. This position will be responsible for the implementation of the incident response program at zulily. The job description is below.
Qurate Retail Group (QRG) is seeking a Senior Cyber Incident Response Analyst responsible for implementing and advancing the incident response program. The ideal candidate possesses the skills to identify opportunities for improvement and grow the program accordingly. Advanced skills in traffic analysis, attack tactics, threat intelligence, malware analysis, digital forensics, and remediation are required for this position. The Incident Responder also conducts investigations into related incidents, gathers threat intelligence, and spearheads proactive defense measures.
Review and analyze incidents escalated from cybersecurity team members.
Validate risk and priority scoring of incidents.
Perform investigation and analytics of network and host-based payloads and artifacts.
Correlate additional context from threat intelligence for the incident during investigation and analysis.
Create processes and procedure documentation as it relates to incident response.
Create recommendations and requirements for detection content and response.
What You Bring:
Bachelor's degree in Computer Science or a related field, or equivalent experience
5+ years of experience in a security-specific profession, with at least 2 years working in an incident response capacity.
Strong understanding of TCP/IP protocols and a variety of IT systems, applications, and their operational configurations.
Experience with and knowledge of incident response phases, the cyber kill chain, TTPs, and attack vectors
Ability to find, analyze, interpret, and extract attack-related payloads from packet captures and host forensic images.
Experience following the phases of incident response: identifying attacks, determining initial vectors, and fully scoping incidents.
Experience with basic forensic tools, open-source forensic tools, and web history tools.
Must be willing to travel as required to respond to an incident.
Must be available to work on-call or off hours as needed to respond to an incident.
One or more qualifying certifications, including: GCIA, GCIH, GCFA, GREM, GCFE, GCNA, GDAT