Analyst - CSIRT

As an Analyst – CSIRT on the team, you’ll be the first line of response as you assess information security events and incidents across our own and our customers’ environments.

Required Experience: 2+ Years

Job Locations: Remote

Location Restrictions:

Travel

Basic Qualifications and

In this role, you will collaborate and use problem-solving skills as you work among a team of skilled analysts to address complex problems and add value to the organization and our customers. Our company is on a mission to protect and defend our customers, enable better risk-informed business decisions, and drive innovation and excellence within Cyber Security. Come be a part of a growing team that is doing important, challenging, and fulfilling work in support of that mission.

Responsibilities
  • The Analyst – CSIRT provides incident detection and response services for our CyberDNA managed NSM service. This role performs and participates in proactive hunts to identify anomalous activity indicative of active compromise, previous compromise, misconfigurations, or other notable observations to support the protection of our customers’ environments
  • When not hunting, this role triages and investigates alerts generated from multiple detection technologies & takes necessary action to identify, scope, and guide customers to a rapid and successful remediation
  • You will implement new processes and procedures as identified by the CSIRT Leadership to ensure continuous improvements for Vigilant’s monitoring, detection, and mitigation capabilities
  • You will use your knowledge of Information Security to monitor SIEM and logging environments for security events and alerts to potential (or active) threats, intrusions, and/or compromises
  • You will work to understand the global threat landscape by working with the Cyber Threat Intelligence team to maintain awareness
  • You will assist with containment of threats and remediation of the environment during or after an incident
  • You will leverage your knowledge to write comprehensive reports of incident investigations
  • This role is tied to our 12pm-8pm EST Monday-Friday watch rotation or 9am-5pm EST Sunday-Thursday.

Required Skills and Experience
  • Bachelor’s degree in computer science, information security or equivalent practical work experience
  • 2+ years of hands-on experience responding to cyber attacks
  • Ability to work in a fast-paced, operational, and team-oriented environment (including non-standard work hours in response to Information Security incidents)
  • Understanding of fundamental to intermediate security, systems, and network concepts
  • Foundational knowledge of network traffic analysis & related tools
  • Skilled with log analysis tools, creating parsers, correlation rules, and managing dashboards
  • Fundamental knowledge of common attack methods and their detection techniques
  • Ability to demonstrate analytical mindset, close attention to detail, excellent critical thinking, logic, and adaptive learning (while balancing speed and thoroughness)
  • Ability to navigate ambiguity and develop working business relationships
  • Strong written and verbal communication skills to present complex technical information and metrics to both technical and non-technical audiences; ability to speak authoritatively and confidently while balancing respect and tact with customers
