SANS ISC: InfoSec Jobs

Senior Cybersecurity Incident Response Analyst
Company: QVC
Location: Remote
Preferred GIAC Certifications: GCIH, GCIA, GCFA
Travel: 10%
Salary: Not provided
URL: https://careers.qurateretailgroup.com/job/12762732/senior-cybersecurity-incident-responder-us-west-chester-pa/
Contact Name: Rick Schroeder
Contact Email: rschroeder6687/at/gmail.com
Expires: 2021-08-12

Job Description

I'm looking for a senior IR analyst for a remote position. Due to tax restrictions the candidates need to reside in one of the following states: Florida, Pennsylvania, Idaho. This position will be responsible for the implementation of the incident response program at zulily. The job description is below.

The Opportunity:

Qurate Retail Group (QRG) is seeking a Senior Cyber Incident Response Analyst responsible for implementing and progressing the incident response program. The ideal candidate possesses skills to identify opportunities for improvement and grow the program accordingly. Advanced skills in traffic analysis, attack tactics, threat intelligence, malware analysis, digital forensics, and remediation efforts are required for this position. The Incident Responder also conducts investigations into related incidents, gathers threat intelligence and spearheads proactive defense measures.

Your Impact:

Review and analyze incidents escalated from cybersecurity team members.
Validate risk and priority scoring of incidents.
Perform investigation and analytics of network and host-based payloads and artifacts.
Correlate additional context from threat intelligence for incidents during investigation and analysis.
Create process and procedure documentation as it relates to incident response.
Create recommendations and requirements for content detection and response.

What You Bring:

Bachelor's Degree in Computer Science or related field, or equivalent experience.
5+ years of experience in a security-specific profession, with at least 2 years working in an incident response capacity.
Strong understanding of TCP/IP protocols and a variety of IT systems, applications, and their operational configurations.
Experience with and knowledge of incident phases, the cyber kill chain, TTPs and attack vectors.
Ability to find, analyze, interpret, and extract attack-related payloads from packet captures and host forensic images.
Experience following through the phases of incident response: identify attacks, determine initial vectors, and complete scope of incidents.
Experience with basic forensics tools, open-source forensic tools and web history tools.
Must be willing to travel as required to respond to an incident.
Must be available to work on-call or off hours as needed to respond to an incident.
One or more qualifying certifications, including: GCIA, GCIH, GCFA, GREM, GCFE, GCNA, GDAT.