Sr Incident Response Analyst
Citrix Systems
San Francisco, Costa Rica
23 hours ago

We believe work is not a place, but rather a thing you do. Our technology revolves around this core philosophy. We are relentlessly committed to helping people work and play from anywhere, on any device.

Innovation, creativity and a passion for ever-improving performance drive our company and our people forward. We empower the original mobile device: YOU!

What we're looking for :

The Cyber Incident Response Senior Analyst is primarily responsible for managing cyber security alerts and events. The senior analyst will execute processes that enable the organization to analyze and respond to computer security issues and cyber threats.

The senior analyst will work with cross-functional teams to manage cyber investigations, incident response activities, and incident reporting.

The senior analyst will assist with activities around the forensic preservation, collection, analysis, and reporting of data used to support investigations and legal matters.

The analyst must have a high attention to detail, be very flexible, and have the ability and desire to learn new cyber threats, trends, and technical procedures.

Responsibilities :

  • Seasoned in handling of digital evidence and matters of confidentiality.
  • Coordinate and manage resolution to a wide range of cyber security incidents
  • Provide support for monitoring security events, respond to alerts, and track incidents
  • Perform incident triage by determining scope, urgency and potential impact including identifying the specific vulnerability, attack vector and recommending remediation actions
  • Perform analysis of log files, packet captures, including basic forensic analysis of systems and hosts
  • Act as SME to resolve incidents by working with various stakeholders to correlate intelligence and threat data
  • Coordinate and share indicators and other information with the CSIRT and SOC
  • Possess strong knowledge of network protocols, Windows / Linux, EDR solutions, SIEM, virtualization and cloud platforms.
  • Document the full life cycle of the incident, from detection through containment and remediation
  • Create and maintain Cyber Security Incident Response documentation, including playbooks, runbooks, policies, processes and procedures
  • Other investigative and incident response duties as assigned
  • Ability and willingness to work on call rotation (24 / 7) and / or a shifted schedule as needed

Qualifications :

  • Bachelor’s degree or higher in computer science or related area of study or equivalent combination of education and / or relevant work experience
  • 5 or more years of experience
  • Related certifications (GCIH, GCFE, GCFA, GNFA, A+, Network+, and / or Security+)
  • Basic understanding of legal, regulatory and compliance requirements (GDPR, PCI, HIPAA, SOX, etc.)
  • Practical working knowledge of the incident response life cycle (detection, identification, containment, analysis, remediation and reporting).
  • Exposure to and expert knowledge of event correlation using SIEM tools such as Splunk.
  • Experience with scripting and log analysis tools
  • Strong communication and presentation skills along with the ability to work in a highly collaborative environment

What you’re looking for :

Our technology is built on the idea that everyone should be able to work from anywhere, at any time, and on any device. It’s a simple philosophy that guides everything we do, including how we work.

If you’re an engineer, we’ll give you plenty of ways to test your skills on cutting edge technology. We want employees to do what they do best, every day.

Be bold. Take risks. Imagine a better way to work. If this sounds like you then we’d love to talk.

Functional Area : Incident Response
