Incident Response Analyst
Role details
Job description
This position is for an Incident Response Analyst. The role involves resolving security incidents, improving security measures, and identifying common attack patterns. The analyst will execute the enterprise-wide Incident Response Plan, partner with business units for remediation, and present findings to senior leadership.
This remote role acts as an incident coordinator providing incident response support to the Digital Forensics and Incident Response (DFIR) team.
- Review current configurations of production information systems and networks against compliance standards.
- Prepare for the prevention and resolution of security breaches and ensure incident response processes are initiated.
- Implement and discuss security service audit schedules, review access authorization, and perform access controls testing.
- Design automated scripts, contingency plans, and other programmed responses for detected attacks.
- Collaborate with Information Security Architects, Engineers, and other stakeholders.
- Notify internal and external teams based on alert priority and triage security alerts, events, and notifications.
- Integrate third-party attack monitoring and threat reporting services into internal communication systems.
- Perform post-mortem analysis using logs and network traffic to identify intrusions.
As an incident coordinator, this role will support incident response (IR) activities within the organization. Incident coordinators partner with business units to accomplish Enterprise-wide containment, remediation and recovery actions and strategic initiatives. IR coordinators develop and drive the maturity of the DFIR team by establishing documentation and best practices and ensuring seamless cross-team communication. Incident coordinators leverage their knowledge of hybrid enterprise environments to help communicate and direct response activities through the incident response lifecycle.
Requirements
Education: A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science) or equivalent experience.
Experience: 4+ years of related experience in incident response.
Technical Skills:
- Knowledge of tools, techniques, and processes (TTP) used by threat actors.
- Understanding of indicators of compromise (IOC).
- Knowledge of network and infrastructure technologies including routers, switches, and firewalls.
- Prior incident response experience in a hybrid enterprise environment.
- Experience using security tooling such as Splunk, EDR platforms, Tanium, etc.
- Strong understanding of cloud environments.
Soft Skills:
- Ability to identify problems and procedural irregularities, collect data, establish facts, and draw valid conclusions.
- Capacity to work independently.
- Demonstrated analytical and project management skills.
- High level of accuracy, even under pressure.
- Demonstrates excellent judgment and decision-making skills.
Benefits & conditions
The pay rate for this position is between $50.00 and $60.00 per hour. A comprehensive benefits package is available to eligible employees.