- 5+ years of experience in Information Security
- 6 months' experience using Netskope, Purview, Splunk, Exabeam and CrowdStrike, or data from these systems, to detect potential data leaks and prepare assessments.
- Undergraduate degree in computer science or related field, or equivalent work experience
- Ability to work a flexible schedule that may include shift work.
- Development of incident response assessments and other similar reporting (demonstrated writing & comms skills) with demonstrated attention to detail.
- Experience in a similarly sized organization with significant complexity.
- Strong time management skills to balance multiple activities.
- Conducts data security incident analysis in support of the Insider Threat Management Program, producing insider risk assessments when thresholds are met.
- Collaborate with team members on assessments and other work products to improve results and processes.
- Assist with the development and maintenance of insider risk "playbooks" to ensure effective and efficient response processes and procedures.
- Handle referrals from internal and external sources to quickly triage and respond to potential insider threat incidents, as needed.
- Conducts content searches using Microsoft Purview eDiscovery.
- Provide technical subject matter expertise related to projects and initiatives that advance the maturity and capability of the security program.
- Apply technical acumen and analytical capabilities to speed and enhance response.
- Work in a flexible environment, including shift work, as required to meet business and operational needs.
-
Incident Response Analyst
2 weeks ago
MindPoint Group Washington, United States · MindPoint Group is seeking a Security Operations Center (SOC) Analyst that will collaborate with members of the SOC team to improve procedures for the SOC to enhance coordination and incident response operations. You must be willing to work in a 24x7x365 SOC environment demonstra ...
-
Incident Response Analyst
2 weeks ago
MindPoint Group Washington, United States · MindPoint Group is seeking a Tier 2 Incident Response Analyst to support threat monitoring, detection, event analysis, and incident reporting. The Security Operations Center is a 24/7 environment. You will be responsible for monitoring enterprise networks and systems, detecting e ...
-
Incident Response Analyst
1 week ago
Sikich LLP Washington, United States · **Description**: · **Incident Response Analyst (II)** · **What to expect when you join the Sikich family** · Team members at Sikich have a lot in common while also being part of a rich and diverse group of contributors, creating a distinct and thriving culture. Chief among our co ...
-
Incident Response Analyst
4 days ago
Super Systems Inc Arlington, United States · Hybrid · - 2x a week onsite (Tuesday and Thursdays) Sometimes there may not be an onsite need. · **Role Description**: · - Support the development of staff schedules and staffing forecasts for approval · - Ensure shift members follow the appropriate incident escalation and report ...
-
Incident Response Analyst
1 week ago
Gridiron IT Washington, United States · **Role Description**: · - Support the development of staff schedules and staffing forecasts for approval · - Ensure shift members follow the appropriate incident escalation and reporting procedures · - Ingest, triage, prioritize, assign, track, document, and manage incidents and ...
-
Cyber Incident Response Analyst
2 days ago
cFocus Software Incorporated Washington, United States · cFocus Software seeks a Cyber Incident Response Analyst (Mid-Level) to join our program supporting United States Courts, Information Technology Security Office in Washington, DC. This position requires US Citizenship and the ability to obtain a Publ ...
-
Incident Response Analyst
2 weeks ago
Edgewater Federal Solutions Bethesda, United States · Overview: · Edgewater is seeking an Incident Response Analyst to provide support to an Edgewater Federal government contract. · Responsibilities: · As an Incident Response Analyst, you and team will be responsible for: · Manning a 24x7x365 cybersecurity operations center and r ...
-
Cyber Incident Response Analyst
2 weeks ago
Leidos Ashburn, United States · **Description** · Our Security Operations Center (SOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the government Enterprise. We have primary responsibility for monitoring ...
-
Tier 2 Cyber Incident Response Analyst
3 days ago
Critical Solutions Washington, United States · **Tier 2 Cyber Incident Response Analyst - Shift 1 (M-F 6AM - 2:30PM ET) - (w/ active TS)**: · Washington, DC · Full-time · Clearance Required: Top Secret w/ SCI eligibility · Shift 1: Monday - Friday 6am - 2:30pm EST · **JOB DESCRIPTION** · Critical Solutions is seeking a Tier 2 ...
-
Threat Incident Response Analyst
3 weeks ago
Relate Central Bethesda, United States · JOB SUMMARY · Candidate will respond to potential insider threat incidents by reviewing/analyzing data from a variety of data security and data loss prevention tools; and collaborating with multiple areas of the business to determine root cause of the events, to make recommendat ...
-
Weekend Days- Incident Response Analyst, Tier 2
3 weeks ago
MindPoint Group Washington, United States · Text code IRAWD to apply · MindPoint Group delivers industry-leading cybersecurity solutions, services, and products. We are trusted cybersecurity advisors to key government and commercial decision-makers and support security operations for some of the most security-conscious ...
-
Incident Response Analyst – SIRT
1 week ago
GEICO Chevy Chase, United States · Full time · GEICO's Security Incident Response Team is looking for a highly motivated, confident, and decisive Incident Response Engineer. As a member of SIRT, you will be the front-line responder combating cybersecurity threats against GEICO and their customers by handling security events. ...
-
Detection and Response Analyst
4 weeks ago
Knewin Arlington, United States · Detection & Response Analyst · We are looking for people with a passion for investigation and forensic analysis to join our MDR SOC team at Rapid7. As a Detection & Response Analyst, you will utilize Rapid7's advanced tools to investigate and triage security events and work side- ...
-
Incident Response Analyst
2 weeks ago
Computer World Services (CWS) Corporation Washington DC, United States · Job Description · The mission of the OFR is to support the Financial Stability Oversight Council (FSOC) in promoting financial stability by: collecting data on behalf of FSOC; providing such data to FSOC and member agencies; standardizing the types and formats of data report ...
-
Critical Solutions Washington, United States · Part time · **Tier 2 Cyber Incident Response Analyst - (w/ active TS) - PART TIME Weekend Nights**: · Washington, DC · Part-time, On-site · Clearance Required: Top Secret · **Shift Schedule: Weekend Nights, 10 pm - 10 am EST** · **JOB DESCRIPTION** · Critical Solutions is seeking a Tier 2 Cybe ...
-
Incident Response Analyst
2 weeks ago
XOR Security Arlington, United States · Job Title: Incident Response Analyst · Location: 1110 N. Glebe Rd. Arlington, Virginia 22201 · Clearance Level: Top Secret · SUMMARY: · XOR Security, An Agile Defense Company is currently seeking an Incident Response Analyst with advanced skillsets in Digital Forensic & Incid ...
-
Incident Response Analyst
4 weeks ago
XOR Security Arlington, United States · Job Title: Incident Response Analyst · Location: 1110 N. Glebe Rd. Arlington, Virginia 22201 · Clearance Level: Top Secret · SUMMARY: · XOR Security, An Agile Defense Company is currently seeking an Incident Response Analyst with advanced skillsets in Digital F ...
-
Incident Response Analyst
1 day ago
OneZero Solutions Washington, United States · Job Description · We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technic ...
-
Incident Response Analyst
1 day ago
OneZero Solutions Washington, United States · We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically c ...
-
Detection and Response Analyst
2 weeks ago
Rapid7 Arlington, United States · Full time · Detection & Response Analyst · We are looking for people with a passion for investigation and forensic analysis to join our MDR SOC team at Rapid7. As a Detection & Response Analyst, you will utilize Rapid7's advanced tools to investigate and triage security events and work side- ...
Threat Incident Response Analyst - Bethesda, United States - Relate Central
Description
JOB SUMMARY
Candidate will respond to potential insider threat incidents by reviewing/analyzing data from a variety of data security and data loss prevention tools; and collaborating with multiple areas of the business to determine root cause of the events, to make recommendations on how to improve our data loss prevention systems, and to mitigate insider risk.
Knowledge of payment card data, personally identifiable information (PII), intellectual property and other sensitive data types is required.
Through a strong understanding of insider threat behavior and data security events and incidents, helps track and manage metrics (KPI/KRI) to ensure the advancement of the program across the enterprise, while mitigating risk to the organization.
Required Experience and Education
- Experience with data loss/information protection solutions (Splunk, Netskope, Microsoft O365, etc.) and case management systems such as ServiceNow.
- Identification of potential insider threat tools, tactics, and procedures (TTPs)
- Security data analysis from a variety of sources and tools, including contributing to DLP policy/alert creation and maintenance.
Attributes and Preferred Experience:
CORE WORK ACTIVITIES
Develop and follow detailed operational processes and procedures to appropriately analyze, escalate and assist in the remediation of information security-related incidents.