Sr Incident Containment Analyst

With Hays in Atlanta GA US


Posted on April 24, 2019

About this job

Job type: Full-time
Role: System Administrator

Technologies

security, networking, sysadmin

Job description

Sr Incident Containment Analyst

SunTrust

Atlanta, GA

9 month contract

Pay: up to $65/hr

Job Details:

The Senior Incident Containment Analyst supports "damage control" and is responsible for developing creative containment strategies that span corporate, geographic, and digital boundaries. This role requires significant knowledge of network design, network architecture, enterprise infrastructure, and cloud security.

The Senior Incident Containment Analyst develops strategies for the short-term and long-term containment of potential cyber incidents. This role enables the Cyber Incident Response Team (CIRT) to move beyond short-term actions (e.g., blocking IPs, disabling accounts) to advising on long-term actions such as network segmentation, improved visibility, and targeted technology deployments.

This role is expected to study the network, document network ingress/egress points, inventory the existing technology controls, and map them to a series of containment strategies. Additionally, the selected individual will work closely with the networking, disaster recovery, architecture, engineering, and other teams. This high level of engagement with other business units requires strong soft skills, including communication and the ability to lead technical meetings. The ability to create detailed documents, playbooks, and project plans that drive implementation efforts will be important in this role. Conducting and developing tabletop exercises will also be an important part of the candidate's job.

Knowledge of software-defined networking and software engineering is desirable for this role, particularly experience integrating internally hosted appliances with cloud services via APIs or other mechanisms.

Primary Projects:
• Incident Analysis
• Network Design Consultation
• Network Segmentation Planning
• Incident Response to Disaster Recovery Integration

Top Requirements:
• Three (3) or more years of working experience in a technology environment with exposure to information security principles.
• Working knowledge of common IT and security concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques, and cyber incident response experience.
• Ability to solve complex problems by applying industry best practices.
• Demonstrated teamwork and collaboration skills.
• Strong time management skills and ability to manage competing priorities effectively.
• Highly effective verbal and written communication skills for the purpose of providing extensive information about event timelines, technical designs, system concepts and business impact to audiences at all levels within the organization.
• Effective written and verbal communication to teammates, management, or before an audience is crucial for this role.
• Support a variety of tasks that advance the larger Cybersecurity Mission.
• Demonstrate the ability to work as a self-starter and acquire new skills quickly.
• Demonstrate the ability to work on unstructured and complex tasks with minimal direction.
• Exemplify the characteristics of a great team player and an overall positive mindset.
• Ability to obtain requisite technical certification(s) within six months of hire.

Plus Skills:
• Five (5) or more years in a role directly related to enterprise-scale IT infrastructure and/or networking technologies, including: routers, switches, enterprise-grade firewalls, security (IDS/IPS) devices, and packet analysis.
• A bachelor’s degree or higher in Information Security, Information Technology, Computer Science, Engineering, or similar field.
• Experience implementing solutions that support infrastructure installation, migration, segmentation, and isolation of networks in response to security-related incidents.
• Experience with infrastructure migration and segmentation methodologies and techniques used to contain security-related incidents.
• Experience conducting routine capacity planning and making recommendations for network infrastructure and systems.
• Experience troubleshooting complex networks, analyzing configurations, and performing packet analysis leading to root cause analysis and resolution.
• Experience working collaboratively across multi-disciplinary teams as an operational subject matter expert on networking and service delivery.
• Experience collaborating with network engineers, security engineers, and other technology peers on the development and implementation of approaches, processes, and standards that promote responsiveness, efficiency, and simplification of infrastructure.
• Experience producing quality, detailed technical documentation for network architecture, topology, maintenance, troubleshooting, and disaster recovery.
• Experience composing and maintaining up-to-date documentation on network infrastructure, including but not limited to technical designs, network diagrams, plans/roadmaps, purpose statements, stakeholder requirements, test plans, required personnel and hardware resources, cost estimates, and schedules.
• Although not required, a background in software development and/or scripting is highly desirable.
• Previous experience interacting with external incident response teams is also beneficial.
• One (1) or more of the following (or similar) certifications: CISSP-ISSEP, CCNA Security, CCDA, CCNP, CCDP.
