We are seeking an experienced Security Incident Response Analyst to lead incident response efforts and enhance our Security Operations Center (SOC) capabilities. The ideal candidate will act as a subject matter expert (SME) in security incidents, leverage automation tools for SOC processes, and proactively hunt for threats to ensure the security and integrity of enterprise systems.
Key Responsibilities:
- Lead Incident Response (IR): Act as the SME for security incidents, analyze and respond to security breaches, perform root cause analysis, and coordinate remediation efforts. Provide leadership during incident investigations to ensure rapid and thorough handling.
- SOC Automation & Integration: Use Python scripting and Palo Alto XSOAR to automate security processes, streamline incident response, and enhance detection capabilities. Design, implement, and maintain playbooks to address emerging threats.
- Threat Hunting & Monitoring: Proactively perform threat hunting to detect advanced threats that may bypass existing security solutions. Leverage internal and external threat intelligence to identify and mitigate potential risks.
- OSINT Utilization: Apply Open-Source Intelligence (OSINT) techniques to gather and analyze publicly available information for early identification of threats.
- Collaboration & Communication: Collaborate with IT, legal, and risk teams to align incident response strategies. Clearly communicate complex security issues to technical and non-technical stakeholders through reports and presentations. Provide mentoring and security awareness training to SOC analysts and other team members.
Required Education:
- Bachelor's Degree in Computer Science, Information Security, or a related field.
Preferred Education:
- Master's Degree in a relevant field.
Required Technical and Professional Expertise:
- 6+ years of experience in IT security, including SOC operations.
- Expertise in security device management, SIEM platforms (ArcSight, QRadar), incident response, threat hunting, use case engineering, SOC analyst operations, and integration of security devices with the SIEM.
- Working knowledge of industry standard risk, governance, and security methodologies.
- Proficiency in incident response processes including detection, triage, analysis, remediation, and reporting.
- Competence with Microsoft Office tools (Word, PowerPoint, Excel, Visio).
- Strong skills in Python scripting and Palo Alto XSOAR for automation.