Nov. 21, 2022

Sr. Incident Response Analyst - SIRT

Confidential Greensboro, North Carolina

Come reimagine insurance with us! As a member of SIRT, you will be the front-line responder combating cybersecurity threats against GEICO and its customers by handling security events. You will be challenged with rapidly changing incidents in which attackers use the latest cutting-edge technology in their attempts to breach GEICO.

**Responsibilities:**

* Identify, detect, respond to, and mitigate sophisticated threats to GEICO
* Perform incident response functions, including:
  * Host-based analysis of Windows, Linux, and Mac operating systems
  * Examining data collected from a variety of tools and sources (e.g., IDS alerts, firewall logs, web logs, network traffic logs) to identify IOCs and/or malicious TTPs
  * Reviewing and comprehending log data and applying use-case scenarios to further develop threat detection and incident response capabilities
  * Analyzing events that occur within the environment for the purpose of mitigating threats

**Required Qualifications:**

* 4+ years of Incident Response experience
* Knowledge of digital forensics and incident response best practices
* Demonstrated experience performing root cause analysis of security events and incidents
* Knowledge of security frameworks (e.g., the MITRE ATT&CK framework)
* Ability to understand security control mechanisms for Windows, Linux, and Mac operating systems
* Knowledge of computer networking concepts and protocols, and network security methodologies
* Knowledge of common threat actor TTPs
* Proficiency in scripting languages such as Bash, Python, Perl, and PowerShell
* Ability to apply strong critical thinking, logic, decision making, troubleshooting, and problem-solving skills
* Strong written and oral communication skills
* Ability to work independently and as a team member
* Ability to handle advanced-level triage and troubleshooting
* Ability to produce technical documentation, such as Visio flows and processes
* Ability to understand complex problems while presenting them simply in a formal setting
* Ability to learn and apply large amounts of technical and procedural information, and to follow published standards and processes (e.g., NIPS, anti-malware, restricting/preventing external devices, spam filters)

**Desired certifications (at least one):**

* GIAC Certified Incident Handler (GCIH)
* GIAC Certified Forensic Examiner (GCFE)
* GIAC Certified Forensic Analyst (GCFA)
* GIAC Reverse Engineering Malware (GREM)
* GIAC Defending Advanced Threats (GDAT)
* GIAC Cyber Threat Intelligence (GCTI)
* Certified Ethical Hacker (CEH)
* CompTIA Cybersecurity Analyst (CySA+)
* Certified Information Systems Security Professional (CISSP)

**Benefits:**

At GEICO, we make sure you have the support and resources to leverage and develop your skills, secure your financial future, and take care of your health and well-being.
