Incident Response Analyst

Please note that we will never request payment or bank account information at any stage of the recruitment process. As we continue to grow our teams, we urge you to be cautious of fraudulent job postings or recruitment activities that misuse our company name and information. Please protect your personal information during any recruitment process. While Monks may contact potential candidates via LinkedIn, all applications must be submitted through our official website ( monks.com/careers ).

Position description:

We are looking for an Incident Response Analyst who is able to analyze security events and investigate potential incidents, validate and manage high priority incidents while providing comprehensive written root-cause analysis to security teams stakeholders, utilize tooling to contain minimize overall impact while escalating unresolved incidents to security engineering teams, maintain continuously update incident response plans and runbooks for more efficient incident response.

This person will be responsible for monitoring security alerts and events in order to identify remediate security incidents across various on-prem and cloud based solutions. We are looking for someone who is passionate about what they do, and not afraid to speak up or make suggestions.

Key accountabilities:

• Develop operational procedures to implement and continually improve the incident response process.
• Monitor security alerts within the tech stack, and investigate any potential security incidents.
• Analyze the alerts received to classify and assess the impact, managing high priority incidents, including communication to the business, facilitating root cause analysis and resolution.
• Perform cyber security investigations as part of the incident analysis.
• Coordinate with other departments the remediation tasks to be performed and escalate unresolved incidents.
• Perform post-mortem analysis to identify root causes and design controls or measures to prevent future incidents.
• Write comprehensive investigation reports capturing investigation details and root cause analysis aligned knowledge of modern Tactics, Techniques, and Procedures (TTPs).
• Collaborate with content production for security awareness.

Minimum Qualifications:

• 3+ years of experience in similar roles
• Bachelor s degree in Computer Science/Engineering/Information Security
• Working ITIL knowledge and experience or similar
• Functional knowledge of the MITRE ATTCK framework
• Experience with log analysis, malware analysis, and/or forensic analysis
• Hands-on experience with industry leading security tools: EDR, SWG, SIEM, MDM

Qualities:

• Good communication
• Ability to confidently present findings to those with either a technical or non-technical background.
• Self-directed, resourceful, and a critical thinker with attention-to-detail and proactive problem-solving skills.
• Ability to self-organize and plan activities with commitment towards results.
• Ready to learn new contents both from others or self-learned.
• Passionate about self-improvement and suggesting improvements to processes or activities.

Preferred Qualifications:

• InfoSec Certification (e.g. CISSP, Comptia Sec+, CEH, etc)
• Cloud experience (AWS, Azure, GCP) in a production environment
• Scripting experience (Python, Perl, Powershell, etc)
• Experience in Blue/Red/Purple team engagements

#LI-VK1