Expedia

Cyber Incident Response Lead

Ruddington, England, United Kingdom

Compensation: Not Specified
Experience Level: Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Cybersecurity, Information Security

Job Description: Cyber Fusion Center Analyst

Salary: Not Specified

Location Type: Remote

Employment Type: Full-time


Company Description

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realise their financial goals and help them save time and money.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland.



Position Overview

As a member of Experian's Global Security Office (EGSO) / Cyber Fusion Center (CFC), you will be responsible for responding to, containing, escalating, investigating, and coordinating mitigation of security events. This involves addressing anomalies detected and escalated by the Cyber Fusion Centre (CFC) in accordance with Experian's Incident Response Plan. You will join a new, growing team of specialized, advanced responders to support escalations of complex or prioritized matters from Experian's existing 24x7 security monitoring and response functions. Your role will be crucial in responding to and analyzing security incidents involving threats targeting Experian information assets, which may include phishing, malware, network attacks, and suspicious activity. You will collaborate with end-users, partners, technical support teams, and management to ensure remediation and recovery from these threats. Utilizing analytics and data collected from endpoints, environmental logging, and various other sources, you will maximize containment and eradication of threats while expediting business recovery.

Note: This position has a regular Monday – Friday schedule with the expectation to participate in an on-call schedule or work outside of normal work hours to manage cybersecurity incidents.

You will report to the CFC Senior Director of Incident Management and Security Operations.


Main Responsibilities

  • Conduct advanced incident response activities to investigate and contain complex and larger-scale cybersecurity matters (such as potential major severity incidents).
  • In the event of investigative matters requiring additional analytical support from teams such as Forensics and Cyber Threat Hunt workstreams, express the CFC's overall understanding of the timeline of attacker activity to coordinate appropriate containment and remediation actions.
  • Respond to cybersecurity events and alerts associated with threats, intrusions, and compromises per any applicable Service Level Objectives (SLOs).
  • Manage multiple cases related to security incidents throughout the incident response lifecycle, including Analysis, Containment, Eradication, Recovery, and Lessons Learned.
  • Maintain case documentation, including notes, analysis findings, containment steps, and cause for each assigned security incident.
  • Maintain an understanding of common Operating Systems (Windows, Linux, Mac OS), Security Technologies (Anti-Virus, Intrusion Prevention), and Networking (Firewalls, Proxies).
  • Interpret device and application logs from a variety of sources (e.g., Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures) to identify cause and determine next steps for containment, eradication, and recovery.
  • Provide advanced support to analysts (e.g., logs review, IP block questions).
  • Mentor other analysts on process questions and tool usage.

Qualifications

  • Must have knowledge of network protocols (TCP/IP, UDP, ICMP), standard protocols (HTTP/S, DNS, SSH, SMTP, SMB), wireless networking, networking infrastructure, and network topologies (DMZ, VPN, WAN).
  • Must have knowledge of network technologies (WAF, IPS, Routers, Firewalls).
  • Experience: Not Specified

Skills

Incident Response
Security Monitoring
Threat Analysis
Malware Analysis
Network Security
Log Analysis
Containment and Eradication
Recovery Procedures
Collaboration with Technical Teams
Data Analytics

Expedia

Travel booking platform for flights, hotels, rentals

About Expedia

Expedia Group operates in the travel industry, offering a wide range of services for travelers and travel-related businesses. It connects users with options for flights, hotels, car rentals, vacation packages, and activities through its various brands, including Expedia, Hotels.com, and Vrbo. Travelers can easily find and book trips that match their preferences and budgets. The company earns revenue primarily through commissions on bookings and advertising from travel service providers looking to promote their offerings. Additionally, Expedia Group supports its partners by providing access to valuable data and technology, helping them improve their operations and grow their businesses. The goal of Expedia Group is to create a seamless travel experience for users while maximizing the potential of its partners.

Headquarters: Bellevue, Washington
Year Founded: 1996
Total Funding: $3,277.3M
Company Stage: IPO
Industries: Consumer Goods, Entertainment
Employees: 10,001+

Benefits

Competitive Paid Time Off
Travel Discounts
Healthcare Flexible Spending Accounts
Employee Assistance Program
Wellness & Travel Reimbursement
Workplace Accommodations
Medical, Dental, & Vision Insurance
Matching Gifts
New Parental Benefits

Risks

Riyadh Air's entry could increase competition, affecting Expedia's market share.
CFO transition may lead to strategic shifts impacting financial management and investor confidence.
Expedia's partnerships may strain resources, affecting service quality if not managed well.

Differentiation

Expedia offers a comprehensive suite of travel services under one platform.
The company leverages a diverse portfolio of brands like Hotels.com and Vrbo.
Expedia provides partners with valuable data and technology to optimize their offerings.

Upsides

Expedia can capitalize on the rise of 'workcations' with longer stay packages.
The trend of 'bleisure' travel offers opportunities for specialized leisure-business packages.
Increased demand for personalized travel experiences can enhance user engagement for Expedia.
