Portland, OR

Security Incident Response Analyst



Remote

Operationalize cyber threat intelligence and manage incident response processes for security events. Perform technical security testing of Cambia infrastructure to identify weaknesses and assist with the prioritization of remediation efforts. Provide scenarios for and facilitate tabletop exercises.



General Functions and Outcomes

  • Responsible for incident confirmation, response, data collection, investigation, and analysis.
  • Responsible for maturing Cambia's information security incident response process and procedures and guiding responders on the proper handling of cybersecurity incidents.
  • Partners with the information security and architecture and information security operations teams on mitigation approaches.
  • Designs and implements processes for continuous improvement of incident response processes, policies, procedures, and playbooks.
  • Responsible for the planning, design, enforcement, and review of technology events to help ensure compliance with security policies, standards, and procedures under appropriate management guidance.
  • Assists in the delivery of security briefings to management advising them of critical issues and metrics that may affect customer or corporate security objectives.
  • Communicate with various departments and business units regarding sensitive and confidential issues.
  • Work with IT team members, Privacy Office, Human Resources and Legal office in the collective effort of protecting Cambia's information assets.
  • May serve as primary incident response management involving shared 24x7 on-call availability.
  • Monitor threat and vulnerability management information resources to identify new and emerging enterprise concerns.
  • Demonstrated understanding of complex systems integration issues involving many disparate data sources, and experience in resolving them through providing clear direction on scope of solution.
  • Provides leadership, direction, processes and procedures for the Cybersecurity incident management program.
  • Leverages commercial and open-source intelligence feeds to adequately cover business risks.



Minimum Requirements

  • Experience with cyber threat intelligence at both a technical and process level, security incident response process, digital forensics, chain of custody, and threat hunting.
  • Demonstrated experience with Security Operations Center (SOC) operations and processes.
  • Excellent written and verbal communication skills with an ability to communicate with a variety of stakeholders, including all levels of staff and leadership.
  • Passionate and curious with wide and mixed skills in active defense and intelligence analyst tradecraft.
  • Capable of analyzing competing sources of information to prioritize the best hypothesis while searching for and tracking adversaries over the course of a campaign.
  • Knowledge of exploit development, vulnerability research/reporting, or writing system modules in C and C++ is a major advantage.

Normally, to be proficient in the competencies listed above, an Incident Response Analyst would have a Bachelor's degree in Computer Science, Mathematics, Business Administration or related field and 5+ years of experience in incident response and technical security testing or equivalent combination of education and experience. 5+ years of experience creating security policies, standards, or procedures.

Required Licenses, Certifications, Registration, Etc.

CISSP certification required within 12 months of hire. Other relevant certifications desired.

Recommended Skills

  • Architecture
  • Business Administration
  • Business Process Improvement
  • C++ (Programming Language)
  • Certified Information Systems Security Professional
  • Consulting