Cybersecurity Incident Response Analyst
Creative Artists Agency · Los Angeles, CA · 2 wk ago
Information TechnologyFull-time
Responsibilities
- Conduct day-to-day Incident Response activities as well as additional SOC related detection and response activities as required for a global environment
- Design, engineer, and implement runbooks and playbooks for Incident Response
- Cook up and coordinate with both technical and business stakeholders during the incident response process
- Perform host based, cloud based, network based, memory, or log analysis and/or forensics in support of Incident Response investigations
- Play an active role in CAA’s Security Incident Response efforts, working to identify and mitigate information security threats
- Review security information, event logs, and reports, provide findings and recommendations
- Use input from IRM leadership and key security metrics to ensure technical security controls are meeting desired objectives; implement a process of continual review and improvement to ensure the measurable effectiveness of CAA’s technical controls
- Other projects or duties as assigned, including periodic on-call
Requirements
- A minimum of 3 years in Information Technology, ideally with 2 years’ experience in a hands-on Incident Response, Threat Hunting, or forensics role
- A bachelor’s or master’s degree in a relevant field of work
- Strong technical background with experience in at least two of the following: Windows disk and memory forensics, Network traffic analysis (netflow,pcap), Log Analysis, Unix or Linux disk and memory forensics, Malware analysis – both static and dynamic
- A strong understanding of the fundamental operations of servers, operating systems, networks, firewalls, cloud applications, and infrastructure
- Expertise building workflows and playbooks to facilitate the Incident Response process
- An understanding of the NIST framework and using a continuous improvement loop
Qualifications
- Bachelor’s or Master’s Degree in a relevant field of work
- Minimum of 3 years in Information Technology, ideally with 2 years’ experience in a hands-on Incident Response, Threat Hunting, or forensics role
- Strong technical background with experience in at least two of the following: Windows disk and memory forensics, Network traffic analysis (netflow,pcap), Log Analysis, Unix or Linux disk and memory forensics, Malware analysis – both static and dynamic
- A strong understanding of the fundamental operations of servers, operating systems, networks, firewalls, cloud applications, and infrastructure
- Expertise building workflows and playbooks to facilitate the Incident Response process
- An understanding of the NIST framework and using a continuous improvement loop