Cybersecurity Incident Response Analyst

Position Overview

The Cybersecurity Incident Response Analyst is an exciting entry point for those wishing to begin their career in cybersecurity! This role functions as a Tier 2 resource in Clario’s Security Operations Center (SOC) team, providing initial response and triage of events identified in the Security Incident and Event Management (SIEM) platform. In addition, this role will assist in scripting automated responses to defined detections, conducting basic threat hunting exercises, and gathering threat intelligence to process among other high-impact tasks. Successful candidates will be highly motivated to learn, adapt to changing situations, and take initiative on items that need to be addressed.

Employment Type

Full-time

Requirements

• Education:
  • Bachelor's in Information Systems or related field.
  • Note: Associate's degree may be considered based on relevant experience and certifications.
• Certifications (Preferred):
  • Relevant Security Certifications (e.g., CEH, Pentest+, LPT, CEPT, GPEN, GWAPT, CPT, OSCP).
• Experience:
  • 0-3 Years of Information Security experience, preferably with Security Engineering or Security Operations roles or projects.
• Skills and Knowledge:
  • Basic understanding of security operations concepts such as adversary TTPs, perimeter defense, insider threat, kill-chain analysis, incident response, and security metrics.
  • Familiarity with Endpoint Detection Response (EDR), Firewalls, Intrusion Prevention Systems (IPS), Security Incident and Event Management (SIEM), and Email Security tools.
  • Analytical and critical thinking skills, including being detail-oriented.
  • Strong troubleshooting, reasoning, and problem-solving skills.
  • Ability to work as a team player and autonomously.
  • Knowledge of Networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP).
  • Knowledge of Cloud Computing (AWS preferred).
  • Knowledge of System Administration.
  • Knowledge of Security Architecture.
  • Scripting experience is preferred, especially PowerShell and Kusto Query Language (KQL).
  • Ability to interact with technical and non-technical audiences.

Note: The Department Head has the discretion to hire personnel with a combination of experience and education, which may vary from the above-listed qualifications.

Responsibilities

• Serve as a Tier 2 analyst in Clario’s SOC, triaging and conducting investigations into events raised in the SIEM, other security tools, and escalations from Tier 1.
• Identify false positive events and validate & remediate true positive events.
• Initiate containment actions as well as escalation for incidents.
• Support interdepartmental activities for containment, remediation, root cause analysis, and documentation of incidents.
• Conduct or assist in routine maintenance of tools including EDR, SIEM, IPS signatures, and other security tools.
• Maintain, create, and update process documentation as well as team runbooks for operations.
• Assist in scripting automated responses to defined detections.
• Conduct basic threat hunting exercises.
• Gather threat intelligence for processing.

Other Duties and Responsibilities

• Cross-functional duties as assigned with Threat and Vulnerability Management, Security Engineering, and Product Security Testing.
• Other duties and responsibilities may be assigned, as required.
• Employees are expected to adhere to company policies and company SOPs at all times.

Company Information

Clario is an equal opportunity employer. Clario evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status, or any other legally protected characteristic.

Note: This job description and any attachments do not constitute or represent a contract. This JOB description should not be deemed all-inclusive. Additional requirements and expectations may be assigned. The Company reserves the right to amend or change this job description to meet the needs of the Company.