Senior Incident Response Analyst
Posted on: January 17, 2020
Imagine...working for a company that knows that its people are the
key to its success in the marketplace. A company in which achieving
extraordinary results and having a stimulating work experience are
part of the same process.
We cultivate and embrace a diverse employee population. We
recognize that people with diverse backgrounds, experiences and
perspectives fuel our growth and enrich our global culture.
We are looking for an individual who enjoys working in a
fast-paced, team-oriented environment, likes to be challenged, and
values the opportunity to make a difference.
As a key member of Campbell's Information Security Incident
Response Team this individual will be responsible for various parts
of the incident response process -- detection, validation,
containment, remediation, and communication -- for IT based
security events and incidents such as malware infections, potential
compromise, Distributed Denial of Service (DDoS), privacy breach
This individual will be responsible for the rapid response and
resolution of security incidents globally, including on-site, in the
cloud (AWS and MS Azure) and in SaaS applications. This will
involve coordinating with internal/external teams, including
forensics and Legal, to identify root cause, restore services and
communicate status to affected stakeholders. In addition, the
individual will be involved in Targeted Threat Hunting including
the continuous development of threat hunting and proactively
identifying security incidents before they occur.
This role will act as the escalation path for more junior staff to
validate findings and identify scope of events and support during
larger investigations. This individual will act as an internal
resource while overseeing the work of the Incident Response
Analysts and the third party Security Operations Centers staffed by
8-10 external employees.
Principal Accountabilities (include percentage of time)
50% - Incident Response
- Perform Level 2 and Level 3 computer security incident response
activities including coordinating with the third party Security
Operations Center (MSSP) and third party forensic firms including
Verizon Breach Services.
- Monitor security logs in order to identify key events and
incidents that require hands-on investigation.
- Analyze and triage anomalies to ensure appropriate
identification of risk to the Company and information.
- Oversee the forensic analysis of various incidents.
- High-level, hands-on coordination of information security
incidents that require greater technical expertise and executive
presence, including escalation to third parties when there is a
sense of urgency and escalation is required.
- Communicate and coordinate response efforts including working
with I.T., Business Leaders, and Third Parties to mitigate the
impact of the risk. Manage the Crisis Management Team and
activities on behalf of Director of Incident Management.
- Prepare incident reports of analysis and methodology and
results of investigation. Review and sign off on reports prepared
25% - Threat Hunting
- Actively seek to uncover indicators of compromise for which
monitoring capabilities do not yet exist.
- Collect and aggregate information from a wide variety of
sources and format it for relevance to our environment.
- Creates hypotheses for analytics and testing of threat
- Partner with the third party Security Operations Center (MSSP)
and threat intelligence firms/organizations including Information
Security Sharing forums (ISACs) to identify threats that may impact
25% - Assist with Incident Management Strategy Development,
Consulting and Management of Third Party Security Operations
Center, Threat Intelligence Organizations.
- Leverage lessons learned, threat modelling and emerging
industry better practice, to analyze the effectiveness of the
existing program (policies, technology and awareness) in order to
continuously improve the incident management program.
- Partner with Security Business Analysts, Security Architects to
identify security logging and monitoring requirements for new
initiatives especially those with privacy implications.
- Review industry frameworks and best practice to advance the
Company's controls in network/perimeter security, intrusion
detection and response, content monitoring and filtering,
vulnerability and patch management, managed threat detection and
data loss prevention.
- Partner with vendors and other third parties to improve product
design and delivery capabilities.
- Assist with management and review of third party contracts for
the security operations center and service levels. Identify
potential gaps including procedures needed to mitigate risk.
Job Specifications (KNOWLEDGE, SKILLS AND ABILITIES NORMALLY
REQUIRED FOR COMPETENT PERFORMANCE IN THE JOB)
Minimum education required: Bachelor's Degree
Years of relevant experience: 7 - 10
Knowledge, skills and abilities required:
- High level of technical expertise in information security,
including deep familiarity with relevant penetration and intrusion
techniques and attack vectors.
- Cybersecurity in large complex companies including knowledge of
global security and privacy breach laws and regulatory
- Proven experience working with third party Security Operations
Center (8-10 people globally) and forensics firms such as Verizon
Data Breach Services.
- Demonstrated ability to lead and develop cohesive and
collaborative management and operational teams internally and with
a third party.
- Proven experience implementing policies, procedures and
technology to detect and recover from a cybersecurity attack.
- Ability to demonstrate strong computer knowledge: networks,
desktops, servers, cloud and software-as-a-service technology.
- Expertise with next-generation firewalls
(Fortinet/Cisco/Check Point), Microsoft Advanced Threat Protection
and O365, Zero Day Threat Detection Technology, Threat Intelligence
Feeds, STIX and TAXII Standards, EnCase, Data Loss Prevention
Software, Web Proxies, Web Application Firewalls.
- Strong problem-solving and trouble-shooting skills.
- Strong communication skills including writing reports and
presenting to senior executives.
- Demonstrated connections to external Incident Response leaders
and learning organizations.
Normal corporate office environment, 10-15% travel as required by
project assignment need. On call work is required.
The preceding job description has been designed to indicate the
general nature and level of work performed by employees within this
classification. It is not designed to contain or be interpreted as
a comprehensive inventory of all duties, responsibilities and
qualifications required of employees assigned to this job.
The Company is committed to providing equal opportunity for
employees and applicants in all aspects of the employment
relationship, without regard to race, color, sex, sexual
orientation, gender identity, national origin, citizenship, marital
status, veteran status, disability, age, religion or any other
classification protected by law.
In that regard, U.S. applicants and employees are protected from
discrimination based on certain categories protected by Federal
law.