Senior Security Analyst, Incident Response
2 weeks ago
At the American Cancer Society, we're leading the fight for a world without cancer. Our employees and 1.5 million volunteers are raising the bar every single day. We actively seek candidates from diverse backgrounds including communities of color, the LGBTQ community, veterans, and people with disabilities. The greater the diversity of our people, the better we can serve our communities.
The people who work at the American Cancer Society focus their diverse talents on our lifesaving mission. It is a calling. And the people who answer it are fulfilled.
The Security Analyst, Incident Response works as part of the Cybersecurity Services team and, at times, in an individual capacity. This role requires coordination of incident response (IR) activities across the enterprise and working closely with stakeholders and Cybersecurity Services team members. Additionally, individuals engage in suspected and confirmed incidents, which may vary in impact. This analyst will investigate, validate, and communicate known details about the incident and work closely with leadership. Strong IR skills are required to excel in this role, given the complexity and evolution of internal and external threat actors. Technical and analytical skills are paramount, as well as the ability to communicate effectively with technical and nontechnical colleagues.
This is a fast-paced role and one that involves the ability to read the room and adapt communication. The Security Analyst, Incident Response will rely on factual and data-driven assessments and not lead with fear or assumptions. The ideal candidate is one who is highly technical but possesses some business acumen, having worked in security administration, incident response and security operations center (SOC) roles. Practical IR management and hands-on technology experience in security principles are required in this role.
This is a remote position that can be home based anywhere within the United States.
MAJOR RESPONSIBILITIES
Respond to and investigate internally and externally driven incidents. Response may need to occur off-hours and on a scheduled rotation.
Coordinate incidents including, but not limited to, ransomware, host compromise, credential and account compromise, phishing, internal threats, third parties, and data leakage.
Review events for anomalies and possible incidents.
Work closely with information security leadership and business stakeholders and as part of a team of responders.
Regularly lead and participate in incident response tabletop exercises designed to identify gaps, improve skills, enhance communication, and engage with key stakeholders.
Review technical reports from vulnerability and penetration testing assessments, as well as results from tabletop exercises to identify exposure to future incidents.
Refine, recommend, and maintain playbooks, policies, procedures and guidelines, and align with industry best practices.
Monitor performance of Incident Response services by defining and tracking key performance indicators and producing those reports regularly and as needed by leadership.
Liaise with threat hunting, infrastructure, IT, vulnerability management, threat intelligence and software engineer team members.
Document and communicate incident details from initial investigation through closure and post-mortem.
Maintain chain of custody and verify evidence is preserved and has not been tampered with.
Under management supervision and direction, communicate with legal and, when needed, external response firms and law enforcement.
Uphold professional accountability to remain educated on incident response skills and abilities.
Identify strengths and weaknesses in the program for team members to improve skills and knowledgebase.
Openly support the organization, management, and executive leadership team, even during times of adversity.
Perform other duties as assigned.
FORMAL KNOWLEDGE
Preferably 5+ years' experience, or more, in security systems administration, and 3+ years in a security incident response or related role.
Understanding of threats and vulnerabilities, in addition to principles of IR and chain of custody.
Hands-on experience with forensic tools, log correlation and malware analysis solutions.
SIEM, threat intelligence platform, directory services, vulnerability management and endpoint configuration experience.
Knowledgeable about cloud services, third-party risk management and application security.
Bachelor's or master's degree in Computer Science, Information Systems, or another related field. Or equivalent combination of education and work experience.
5+ years of relevant Information Technology (IT) experience.
IT Security technical hands-on experience including vulnerability scanning, log management systems, Active Directory and Unix system security, Application Security, Security Information and Event Management (SIEM) Systems, asset and patch management systems, virtualization platform security, and securing of cloud security solutions.
Track record of acting with integrity, taking pride in work, seeking to excel, and being curious and flexible
Experience with Cybersecurity Incident Response Process documentation.
Experience with IT Forensics processes and procedures a plus.
IT Security certifications a plus.
Knowledge of frameworks, NIST CSF, PCI-DSS, CIS Controls v8, or similar a plus.
Broad range of knowledge, including both technical and non-technical facets of IT internal controls and compliance, including logical and physical controls for applications, infrastructure, and e-Commerce.
Knowledge of industry best practices and standards for IT Security and Risk Management.
COMPETENCIES/SKILLS
Understanding of threats and vulnerabilities, in addition to principles of IR and chain of custody
Business insight - Applies knowledge of business and the marketplace to advance the organization's goals.
Decision quality - Makes good and timely decisions that keep the organization moving forward.
Action oriented - Takes on new opportunities and tough challenges with a sense of urgency, high energy, and enthusiasm.
Optimizes work processes - Knows the most effective and efficient processes to get things done, with a focus on continuous improvement.
Ensures accountability - Holds self and others accountable to meet commitments
Collaborates - Builds partnerships and working collaboratively with others to meet shared objectives.
Communicates effectively - Develops and delivers multi-mode communications that convey a clear understanding of the unique needs of different audiences
Instills trust - Gains the confidence and trust of others through honesty, integrity, and authenticity.
SPECIALIZED TRAINING OR KNOWLEDGE
Security certification such as Security+, CISSP, CISM, CRISC, or CISA desired
SPECIAL MENTAL OR PHYSICAL DEMANDS
Self-motivated and able to organize work for others.
Able to work quickly with attention to detail including in high-pressure situations.
Ability to communicate technical concepts to a broad range of technical and non-technical staff.
Occasional evening and weekend work to meet deadlines
Sitting for extended periods of time
The starting rate is $88000 to $115000 annual. The final candidate's relevant experience/skills will be considered before an offer is extended. Actual starting pay will vary based on non-discriminatory factors including, but not limited to, geographic location, experience, skills, specialty, and education.
The American Cancer Society has adopted a vaccination policy that requires all staff, regardless of position or work location, to be fully vaccinated against COVID-19 (except where prohibited by state law).
ACS provides staff a generous paid time off policy; medical, dental, retirement benefits, wellness programs, and professional development programs to enhance staff skills. Further details on our benefits can be found on our careers site at: jobs.cancer.org/benefits. We are a proud equal opportunity employer.