
Information Security Analyst II
SNHU Careers
full-time
Location Type: Remote
Location: Alabama • Arizona • United States
Salary
$94,130 - $150,634 per year
About the role
- Be an initial evaluation point for all security-related tickets that come into the team's multiple queues (including triage, containment, and remediation)
- Understand the basic incident response lifecycle
- Excel at documentation and detailed note-taking, including SOP writing, incident reporting, email and instant messaging etiquette, and most importantly, documenting incident actions
- Collect and analyze log data from complex, virtualized, multi-site computing environments and SNHU's technology ecosystem
- Conduct real-time monitoring of security events from multiple sources and use analytical and problem-solving skills to identify, triage, analyze, investigate, and escalate information security events and alerts
- Analyze digital evidence to identify indicators of compromise, adversary activity, root cause, incident timelines, and attack vector(s)
- Perform incident response activities like endpoint isolation, malware remediation, forensic analysis, malware analysis, community member interviews, and network traffic analysis
- Perform investigation and escalation for complex or high severity security threats or incidents
- Coordinate information security incident response according to SNHU's Information Security Incident Response Plan
- Communicate with partners, in a non-technical manner, at all organizational levels as part of incident response and remediation activities
- Design and implement or monitor information security incident remediation plans
- Design and manage security tools (e.g. Splunk, Halcyon, Microsoft Defender, Tenable)
- Design, deploy, and manage detections and alerts for specific or common threat conditions
- Design and implement standard operational processes for handling common incident types
- Maintain automation scripts and other tools to enhance security operations efficiency
- Familiarity with enterprise security tools like Splunk, Tenable, Proofpoint tools, Microsoft Defender components, Office 365 tools, PowerShell, and multiple network tools
- Demonstrate a strong sense of ethics, integrity, and confidentiality
- Remain calm and function at the highest level during a crisis
- Remain up to date on latest threat intelligence
- Develop strategies and solutions that improve or mitigate the risks associated with these threats
- Work cross-functionally across ITS and all SNHU departments to provide guidance and technical implementation, including triage, containment, and remediation when applicable
- Provide customer support according to SNHU's Core Values and understand how and when to escalate potential issues
- Help with risk management, vulnerability management, security assessment, auditing, and security authorization projects, as directed by the university's Information Security Management team
- Provide mentoring to junior analysts
- Other responsibilities as assigned
Requirements
- 5+ years of experience in information technology or cyber security operations
- 2+ years working in a security operations center (SOC), a cybersecurity operations center or on a cybersecurity incident response team
- Professional certifications such as ISC2 CISSP, SANS GIAC certifications (GSEC, GCIH, GCFA, GCDA, GMON, GCED, GSOC), or other relevant industry certifications
- Experience collecting, organizing, and analyzing data gathered from SIEM, IPS, NAC, vulnerability scanners, Windows/Linux operating system logs, network scanners, log aggregation tools, Endpoint Detection and Response (EDR) tools, and other platforms in the environment that enable enterprise-wide security monitoring
- Experience with the MITRE ATT&CK framework
Benefits
- High-quality, low-deductible medical insurance
- Low to no-cost dental and vision plans
- 5 weeks of paid time off (plus almost a dozen paid holidays)
- Employer-funded retirement
- Free tuition program
- Parental leave
- Mental health and wellbeing resources
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
incident response, log analysis, malware remediation, forensic analysis, network traffic analysis, risk management, vulnerability management, security assessment, data analysis, documentation
Soft Skills
problem-solving, communication, calm under pressure, mentoring, cross-functional collaboration, attention to detail, ethical integrity, customer support, organizational skills, adaptability
Certifications
CISSP, GIAC, GSEC, GCIH, GCFA, GCDA, GMON, GCED, GSOC