Sr. Incident Response Analyst in Hartford, CT at Vaco

Date Posted: 8/12/2019

Job Description


Vaco is a private-equity backed solutions company that provides consulting, managed services, staffing, and placement services globally. Established in 2002 by "Big 4" consulting veterans, Vaco now has over 40 offices and has worked with over 9,000 clients. We have over 6,000 consultants and have been named to Inc. magazine's list of fastest-growing private companies for the past 12 years. Vaco offers boutique services with global reach.

The Vaco Cyber Security team's success relies on the trusted relationships built with our clients. We recognize the challenge organizations encounter in improving security, restructuring operations and handling risk while maintaining compliance and keeping costs down. Our information security specialists work closely with organizations to provide the solutions that best match business and security objectives. As a member of the team, you will have the opportunity to utilize and expand your skills through client experience and industry training while collaborating with security professionals across industries. Our team provides the full spectrum of security services to clients, including Strategy & Advisory, Identity & Access Management, Cyber Security Operations, Managed Services, Governance, Risk, and Compliance.

Looking for an exciting career opportunity as an Incident Response Analyst? Instead of being another faceless resume, let Vaco advocate for you! Right now, we are looking to fill a position for our Threat Intelligence Team. With Vaco, you will have an advantage over your competition! Our information security practice maintains strong relationships with clients and connects your experience with the right consulting project, promoting your strengths to the manager while preparing you for that specific interview.

Our team will provide you with great insight about trends in the market, keeping you up to date on compensation expectations, opportunities to work on exciting, impactful projects, and opportunities for industry training and advancement. If you're experienced and you want to partner with the best, apply today!

The Sr. Incident Response Analyst will create the technical vision behind a heightened focus on information security in the business unit. This role will be accountable for defining the organization's information security architecture, developing information security technology roadmaps and driving the introduction, separation and adoption of security technology.



Job Responsibilities:

Our client is seeking an experienced incident response professional to join our Cyber Security and Risk Management Team. The Senior Incident Response Analyst will perform a range of technical services focused on operational security to identify threats, perform incident response, manage threat intelligence and improve processes.

Principal Responsibilities:
  • Analyze and investigate events using an enterprise security information and event monitoring (SIEM) system, logs from firewalls, IDS/IPS, proxies, servers, endpoints and other network devices to determine risk
  • Perform information security incident response and incident handling based on risk categorization and in accordance with established procedures
  • Collect memory and disk images and perform analysis to support active incidents.
  • Assist in the administration and integration of security tools to include new data/log sources, expanding network visibility and automation
  • Manage and integrate threat intelligence received from a variety of sources into the security monitoring framework
  • Research the latest vulnerabilities, exploits and other relevant threat information and trends
  • Collaborate and interact with peers and stakeholders across the Corporate and Business Unit information technology organizations
  • Rotational, after-hours operational support (on-call)
  • Perform other duties as assigned

Education:
Bachelor's or Master's degree in Computer Science/Engineering, Information Systems or related field with a minimum of 6 to 10+ years' experience.
Experience/Qualifications:
Candidates must possess:
  • Minimum 5 years working in Security Incident Response required.
  • Excellent and demonstrated written and verbal communication skills; must be able to communicate technical details clearly and concisely with peers and all levels of management
  • Capability to think and operate independently and in a team environment with minimal supervision
  • Proactive and results-driven mindset
  • Strong process orientation and ability to develop and follow standard work; attention to detail
  • Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment
  • Proven ability to troubleshoot and solve technical issues
Candidate must have technical experience in the following areas:
  • Network analysis using tcpdump, Wireshark or other packet capture tools
  • Searching, interpreting and working with data from enterprise logging systems including syslog, netflow and SIEM/SEIM platforms
  • Scripting languages such as Python and PowerShell
  • Malware sandboxes
  • Windows and Linux operating systems
  • Endpoint protection suites such as Symantec, McAfee, Carbon Black or Tanium
  • Systems or network architecture
  • Collection and management of threat intelligence
  • Host-based forensics using EnCase, FTK or other digital forensics tools