23 days ago · Marriott

Sr. Information Security Analyst-Cyber Incident Response (CIRT)

  • Bethesda, USA

Job description

Job Number 24071967
Job Category Information Technology
Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States
Schedule Full-Time
Located Remotely? Y
Relocation? N
Position Type Management

JOB SUMMARY

 

The Cyber Incident Response Analyst is responsible for responding to both existing and emerging threats, as well as identifying attacker tools, tactics, and procedures by analyzing data from a variety of sources and tools. Through a strong understanding of attacker behavior, participates in and manages security events and incidents, and helps train and mentor other analysts. The successful candidate will possess current technical skills and strong communication skills to manage multiple investigations with often tight deadlines.

 

Required Experience and Education

·  5+ years of experience in Information Technology/Security
·  3+ years of experience in Cyber Incident Response that must include experience in:
    ·  Identification and response to existing and emerging threats
    ·  Identification of attacker tools, tactics, and procedures (TTPs)
    ·  Security data analysis from a variety of sources and tools
    ·  TCP/IP, DNS, SIEM, and EDR technologies (Splunk, CrowdStrike, Carbon Black, etc.)
    ·  Windows environments and related security controls (IDS/IPS, AV, Proxies, Firewalls, etc.)
·  1+ years of experience with:
    ·  Windows log analysis and memory forensics
    ·  Network traffic analysis
·  Undergraduate degree in computer science or related field, or equivalent work experience
·  Ability to work a flexible schedule that may include shift work

 

Attributes and Preferred Experience:

·  Development of incident response reports and documents or other similar reporting (demonstrated writing & comms skills)
·  Experience in a similarly sized organization with significant complexity
·  Strong time management skills to balance multiple activities and lead junior analysts as needed
·  Security Certification (e.g., GCIH, GCFA, CCSP, OSCP, etc.)
·  Experience writing scripts, tools, or methodologies to enhance the investigative process
·  Experience responding to cyber events in public cloud environments such as AWS, Azure, Google Cloud, etc.
