Administrator, Incident Response - Washington, United States - The Carlyle Group



Description

Basic information:

  • Job Name: Administrator, Incident Response
  • Location: Washington, DC
  • Line of Business: Global Technology & Solutions
  • Job Function: Investor Services
  • Date: Thursday, April 25, 2024

Position Summary:

  • The Incident Response Analyst plays a critical role in safeguarding sensitive financial data and systems from cyberattacks. This position requires a highly skilled and experienced security professional with a proven track record of performing security incident response activities.
  • This position will also be a champion for security automation. They will leverage scripting skills and API knowledge to automate integrations between security tools, streamlining incident response workflows. Furthermore, their understanding of cloud security best practices will be vital for identifying and mitigating cloud-based threats.
  • Beyond technical skills, this role demands excellent communication and collaboration. The Incident Response Analyst will work effectively with security teams, IT teams, and business stakeholders, keeping everyone informed and aligned throughout the incident response process. Additionally, they will thrive in a fast-paced environment, prioritizing tasks effectively, managing multiple incidents concurrently, and remaining calm under pressure.
  • This role offers a unique opportunity to work with cutting-edge security tools and technologies and to collaborate with a dedicated team focused on a critical mission: securing the organization's IT infrastructure.

Responsibilities:

60% of time

  • Responsible for analyzing, documenting, and responding to security events, and performing incident response.
  • This role will act as an escalation point from the managed service provider (Tier 1 SOC) for events that require further analysis and treatment.
  • Will work closely with the Security team and the Carlyle team at large in the resolution/containment of security incidents.
  • Will maintain the security incident response playbook. Will tag and annotate assets and IOCs in internal security tools.
  • Develops methods and analytics for detecting advanced threats.
  • Performs routine hunting exercises.

25% of time

  • Responsible for supporting security infrastructure.
  • Related tasking includes, among others, documentation, updating software, deploying new technologies, performing backups, scripting, submitting change requests, quality assurance testing, developing reports, and systems troubleshooting.

10% of time

  • Responsible for improving relevant knowledge, skills, and abilities through research, lab work, mentoring others, training, and other professional development activities.

5% of time

  • Provide reporting around project deliverables.

Qualifications:


Education & Certificates

  • Bachelor's degree, or equivalent years of relevant experience, required.
  • Certifications in incident response (GCIH, SANS) or security (CISSP, CCSP).

Professional Experience

  • 5+ years of overall IT-related experience, required.
  • 3+ years of IT security operations and incident response experience, required.
  • Knowledge of financial services industry and alternative asset management strongly preferred.
  • In-depth knowledge of incident response methodologies (identify, contain, eradicate, recover, learn).
  • Proven ability to conduct investigations, analyze evidence, and identify root causes of security incidents.
  • Experience with digital forensics and evidence collection techniques in various environments (cloud, network, endpoint).
  • Experience with leveraging APIs to automate integrations between security tools.
  • Knowledge of cloud security best practices (IAM, encryption, logging).
  • Proficiency with security orchestration, automation and response (SOAR) platforms (Palo Alto Cortex XSOAR).
  • Proficiency with security information and event management (SIEM) tools (ELK Stack, Google Chronicle).
  • Proficiency with at least one major cloud platform (AWS, Azure).
  • Familiarity with Infrastructure as Code (IaC) tools (Terraform, CloudFormation).
  • Experience with scripting languages (Python, Bash, PowerShell) for automating incident response tasks.
  • Strong understanding of network security concepts (firewalls, intrusion detection/prevention systems).
  • Proficiency with endpoint security tools (antivirus, endpoint detection and response (EDR)).
  • Working knowledge of various operating systems (Windows, Linux, macOS).

Competencies & Attributes

  • Ability to prioritize tasks, manage multiple incidents concurrently, and work effectively under pressure.
  • Strong analytical and problem-solving skills to diagnose complex security incidents.
  • Excellent communication and collaboration skills to work effectively with security teams, IT teams, and business stakeholders.

Company Information:

The Carlyle Group (NASDAQ: CG) is a global investment firm with $426 billion of assets under management and more than half of the AUM managed by women, across 586 investment vehicles as