
Artificial Intelligence • B2B • SaaS
Experian is a global leader in digital experience, technology, and transformation. They partner with recognized brands to enhance customer understanding, innovate product strategies, and implement agile technology solutions. With a focus on delivering superior customer experiences through AI, cloud architecture, and project management, Experian helps businesses streamline their operations and achieve their objectives effectively.
10001 employees
Founded 1996
🤖 Artificial Intelligence
🤝 B2B
☁️ SaaS
September 11
🇺🇸 United States – Remote
💵 $133.1k - $239.6k / year
⏰ Full Time
🟠 Senior
🚨 Incident Response Analyst
🦅 H1B Visa Sponsor

• Conduct advanced incident response activities to investigate and contain complex or larger-scale cybersecurity matters
• Orchestrate workstreams across teams (Forensics and Cyber Threat Hunting) and explain the CFC's overall understanding of the timeline of attacker activity
• Respond to cybersecurity events and alerts associated with threats, intrusions, or compromises per any applicable SLOs
• Manage multiple cases related to security incidents throughout the incident response lifecycle, including Analysis, Containment, Eradication, Recovery, and Lessons Learned
• Coordinate successful conclusion of security incidents according to Process & Procedures, and escalate severe incidents according to Experian's Incident Response Plan
• Maintain case documentation, including notes, analysis findings, containment steps, and cause for each assigned security incident
• Maintain assigned caseload and move incidents through each phase of the IR Lifecycle, handing off cases as needed for progress
• Maintain an understanding of common Operating Systems (Windows, Linux, Mac OS), Security Technologies (Anti-Virus, Intrusion Prevention), Cloud Security investigations and response tools, and Networking (Firewalls, Proxies)
• Interpret device and application logs from a variety of sources (Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures) to identify the root cause and determine the next steps for containment, eradication, and recovery
• Support overall direction for the CFC and input to the security strategy
• Mentor and provide advanced support to analysts (Logs review, IP Block question)

• 8+ years of experience working within cybersecurity or information technology roles, at least 4+ of which include working as an investigator, analyst, or leader in a Cyber Incident Response Team
• Bachelor's Degree in Computer Science, Computer Engineering, Information Systems, Information Security, or a related field
• 11+ years of experience working within a Security Operations Center, Incident Response Team, law enforcement, or military experience may be accepted in lieu of this requirement
• Knowledge of network protocols (TCP/IP, UDP, ICMP)
• Knowledge of standard protocols (HTTP/S, DNS, SSH, SMTP, SMB)
• Knowledge of wireless networking, networking infrastructure, and network topologies (DMZ, VPN, WAN)
• Knowledge of network technologies (WAF, IPS, Routers, or Firewalls)
• Experience with commercial and open-source SIEMs, full packet capture tools, and network analysis tools (Splunk, Wireshark, SOF-ELK)
• Experience using common Incident Response and Security Monitoring applications such as SIEM (Splunk), EDR (MDE), Tanium, WAF, IPS
• Preference for candidates to have at least one certification involving incident response, ethical hacking, cyber security (GCIH, E CEH, E CIH), or network forensics (GNFA, CNFE)
• Hold one Security Management certification (ISC2 CISSP, CISM) or obtain such certification within the first two years as a Cyber Incident Response Lead
• Preference for candidates based in Mountain or Pacific Time Zone; candidates in other U.S. time zones will also be considered

• Great compensation package and bonus plan
• Core benefits including medical, dental, vision
• Matching 401K
• Flexible work environment (remote, hybrid or in-office)
• Flexible time off including volunteer time off, vacation, sick and 12 paid holidays
• 20 Days Flexible Time Off
• Explore benefits link: https://yourexperianbenefits.com/cand-index.html
• World's Best Workplaces™ 2024 recognition and other awards