
NetApp Sr Cyber Incident Response Analyst 
United States, North Carolina 
566973563

30.06.2024
Job Requirements
  • Monitor and analyze security events and incidents related to application security and cloud security.
  • Conduct investigations to identify the root cause of security incidents and determine the extent of the impact.
  • Develop and maintain incident response plans and procedures specific to application security and cloud security.
  • Collaborate with development teams to ensure secure coding practices are followed during application development and deployment.
  • Perform vulnerability assessments and penetration tests on applications and cloud infrastructure to identify weaknesses and recommend remediation measures.
  • Coordinate with external vendors and partners for incident response support and threat intelligence sharing.
  • Stay up to date with the latest security trends, vulnerabilities, and attack techniques related to application security and cloud security.
  • Provide guidance and training to employees on best practices for application security and cloud security.
  • Participate in tabletop exercises and simulations to test and improve incident response capabilities.
  • Assist in the recovery and restoration of systems and data following security incidents.
  • Able to gather and analyze artifacts such as malware samples, files, memory dumps, etc.
Minimum Qualifications
  • 7-10+ years of information security experience is required; at least 3 years' experience in security monitoring, digital forensic analysis, or incident response is a must.
  • Previous operational experience in a CSIRT, CIRT, or SOC
  • Advanced understanding of tactics used by APT, cyber crime, and other associated threat groups
  • Expert understanding of network communications (TCP/IP fundamentals, HTTP basics)
  • Advanced understanding of multiple operating systems such as Linux, Solaris, BSD, or Windows
  • Working knowledge of intrusion detection systems (e.g. Snort, Suricata) and tools (e.g. tcpdump, Wireshark)
  • Practical experience with security incident response
  • Security Incident Management – analysis, detection and handling of security events
  • Comprehension of how attacks exploit operating systems and protocols
  • Must understand how to analyze for suspicious and malicious activity
  • Hands-on experience with other security technologies:
    • Security Information & Event Management (SIEM) – ArcSight, Splunk, QRadar, etc.
    • Packet capture technologies – NetWitness, Solera, Moloch, or at a minimum, Wireshark or tcpdump
  • Scripting experience with one or more of the following: PERL, Bash, PowerShell, Python
  • Ability to write technical documentation and present technical briefings to varying audiences
  • Ability to work with a globally distributed team and rely heavily on electronic communication
  • Ability to travel as needed to support the corporate objectives.
  • Working knowledge of both defensive and offensive cyber security.
