Cyber Security Senior Incident Responder
Compensation: $72,640.00 - $163,060.00 /year *
Employment Type: Full-Time
Industry: Defense/Security Clearance
Ready to make an impact? If so, read on.

The Cybersecurity Threat Intelligence and Response Team is seeking a candidate to support GEICO's cybersecurity threat intelligence, incident response, and computer forensic investigation activities. The successful candidate will fill a position in GEICO's Cybersecurity division and will play an important role in protecting the confidentiality, integrity, and availability of GEICO's information systems. The candidate should have at least 1 year of successful experience in incident response, computer forensics, or a related investigative position (e.g., criminal or fraud investigation).

Job Responsibilities:
- Conduct incident response activities, including advanced investigation (forensics, malware analysis, root cause analysis, etc.), to investigate potential intrusions and security incidents and perform remediation.
- Perform the activities necessary for the immediate, short-term resolution of incidents to minimize risk exposure and production downtime.
- Identify, respond to, and mitigate sophisticated threats to GEICO computer networks, IT infrastructure, and information systems.
- Analyze and understand incident response processes and provide feedback to increase efficiency.
- Lead the development and maturation of incident response playbooks.
- Provide 24x7 on-call support for GEICO's security incident response as needed.
- Respond to security events and requests in a timely manner.
- Maintain a professional, communicative relationship with internal departments and management to provide information throughout the incident, problem resolution, and change management cycles.
- Review and comprehend logs and apply use-case scenarios in the analysis environment to build better threat detection capabilities.
- Collect and analyze host-based and network-based data using computer network defense, forensic, and enterprise security tools.
- Work with different teams to perform computer forensic investigations.
- Work with law enforcement entities when required.
- Process both atomic (IOC) and narrative threat intelligence in a documented, consistent, and informed manner.
- Produce cyber threat intelligence reports in a timely manner, sharing them with various levels of management and outside parties based on risk and with appropriately filtered content.
- Reduce time-to-detect and time-to-remediate by driving the automation of applied intelligence and sensor enrichment.
- Compare cybersecurity events with intelligence research to determine adversary motive, capability, and intent.
- Support cybersecurity teams with quality research and assistance in solving complex cases.
- Create or modify scripts used to connect to various RESTful APIs.
- Mentor associates in groups and individually.
- Understand complex problems and present them simply in a formal setting.
- Serve as the team Subject Matter Expert (SME) for the team's areas of responsibility (threat intelligence, threat hunting, digital forensics, and response).
- Participate in proofs of concept and other technical evaluations of technologies, designs, and solutions.

Would you like to join our innovative team? If so, do you meet these qualifications?

Technical Cyber Security Skills:
- Subject matter expertise in security event identification, known-threat validation and analysis, and network vulnerability analysis and reporting.
- Demonstrated analytic ability to discover unknown, suspicious, or exploitation activity and analyze exploitation opportunities.
- Proven ability to evaluate and recommend information security enhancements, product upgrades, and tools to minimize exposure to security incidents while considering business drivers and efficacy.
- Experience in malware analysis, penetration testing, red team/blue team exercises, and forensics.
- Malware analysis/reverse engineering skills.
- Exploit research and development skills.
- Familiarity with PowerShell, Python, and other scripting languages.
- Familiarity with Indicators of Compromise (IOCs).
- Familiarity with threat actor Tactics, Techniques, and Procedures (TTPs).
- Familiarity with RESTful APIs.
- Ability to work independently and as part of a larger group comprised of different technical and business areas.
- Proficiency with Windows and Linux operating systems.
- Strong understanding of Windows artifact analysis.
- Strong analysis and troubleshooting skills.
- Understanding of malware and the different techniques used for its detection and prevention.
- Strong organizational and project management experience.
- Experience managing projects from design through implementation.
- Able to draft, interpret, and communicate policies, procedures, and technical requirements.
- Excellent writing, verbal communication, interpersonal, and presentation skills, and the proven ability to influence and communicate effectively.
- Must be extremely flexible and able to manage multiple concurrent tasks and priorities.

Preferred Tools Experience:
- Experience and knowledge with Security Information and Event Management (SIEM) systems, including log analysis, anomaly detection, use-case content creation, and alert development.
- Experience and knowledge with zero-day malware detection technologies.
- Experience and knowledge with digital forensics and incident response tools.
- Experience and knowledge with web content filtering, vulnerability scanning, and endpoint protection tools (antivirus, disk encryption, host intrusion prevention, etc.).
- Experience and knowledge with scripting or automation tools.
- Understanding of Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), proxies (web and email), and Data Loss Prevention (DLP) tools.
- Understanding of network analysis tools such as protocol analyzers, LAN/WAN sniffers, and packet capture analysis tools.

Education (Desired):
- BS/MS in Computer Science or a relevant discipline

Security Certifications (Desired):
- CompTIA Security+ (must be obtained within 6 months if not already held)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Reverse Engineering Malware (GREM)
- GIAC Cyber Threat Intelligence (GCTI)
- CompTIA Cybersecurity Analyst (CySA+) (must be obtained within 6 months if not already held)
- Certified Information Systems Security Professional (CISSP)

About GEICO
For more than 75 years, GEICO has stood out from the rest of the insurance industry. We are one of the nation's largest and fastest-growing auto insurers thanks to our low rates, outstanding service, and clever marketing. We're an industry leader employing thousands of dedicated and hard-working associates. As a wholly owned subsidiary of Berkshire Hathaway, we offer associates training and career advancement in a financially stable and rewarding workplace.

Our associates' quality of life is important to us. Full-time GEICO associates are offered a comprehensive Total Rewards Program, including:
- 401(k) and profit-sharing plans
- Medical, dental, vision, and life insurance
- Paid vacation, holidays, and leave programs
- Tuition reimbursement
- Associate assistance program
- Flexible spending accounts
- Business casual dress
- Fitness and dining facilities (at most locations)
- Associate clubs and sports teams
- Volunteer opportunities
- GEICO Federal Credit Union

Benefit offerings for positions other than full-time may vary. GEICO is an equal opportunity employer. GEICO conducts drug screens and background checks on applicants who accept employment offers.

How to Apply
Click 'Apply for Job' to complete your application. You will need an active email address and phone number. Please upload your resume, preferably as a Word .doc file or PDF. Once you begin your application you can save it and access it later. Your application should include any work and/or internship experience from at least the past five years.

Provided by Dice.
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.