Digital Forensic and Incident Response Analyst

Merck Sharp & Dohme LLC
Topeka, United States of America
6 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Topeka, United States of America

Tech stack

Computer Security
Digital Forensics
Network Security
Security Information and Event Management
Software Vulnerability Management
Mitre Att&ck
Malware
Cybercrime
Ddos

Job description

Digital Forensic and Incident Response (DFIR) Analyst will be a member of our Cyber Fusion Center Team and support our Incident Response function. This position will provide support to security operations through incident triage, event analysis, documentation updates, incident response and other SOC duties assigned. This position supports a 24×7×365 support staff and candidates should be open to working a rotating schedule with non-core hours. This position will be a hybrid working environment with a mix of remote and onsite work., + Responds to IT security incidents according to the IT security incident response policy.

  • Provides guidance to first level responders for handling information security incidents.

  • Actively manage, drives, and provide recommendations on third party remediation efforts.

  • Provides investigation findings for cyber events (intrusions, malware, DDoS, unauthorized access, insider attacks and loss of proprietary information) to the relevant cyber security assurance functions to help improve information security posture.

  • Respond to high-priority requests for information/intelligence from senior stakeholders.

  • Validates and maintains incident response plans and processes to address potential threats.

  • Build strong relationships with business and technology stakeholders.

  • Effectively represent the team and communicate with all levels of organization including senior management and business stakeholders.

  • Identify and develop workflow automation to lower response time and eliminate lengthy procedures during incident investigation.

  • Perform additional analysis of escalations from Incident Response Analysts and conduct case review

  • Develop specific expertise, to discern patterns of complex threat actor behavior, and to communicate an understanding of current and developing cyber threats

Requirements

  • High School Diploma required.

  • Equivalent experience and/or education is accepted in place.

Required Experience and Skills:

  • 3-5 years of experience Incident Response or Cybersecurity (Education and Bootcamps included)

  • Intimate knowledge of the Cyber Kill Chain, MITRE ATT&CK Framework, or other relevant network defense and intelligence frameworks.

  • Advanced knowledge of security technologies, such as, SIEM, EDR Tools, Host and Network Security Tools and Vulnerability Management tools.

Apply for this position