Sr. Incident Response Analyst - SIRT (REMOTE)

Company: GEICO
Location: Potomac
Posted on: November 24, 2022

Job Description:

Come reimagine insurance with us!

GEICO's Security Incident Response Team is looking for a highly motivated, confident, decisive, experienced Sr. Incident Response Analyst. As a member of SIRT, you will be the front-line responder combating cybersecurity threats against GEICO and their customers by handling security events. You will be challenged with rapidly changing incidents where attackers use the latest cutting-edge technology in their attempt to breach GEICO. You will conduct incident response activities, including advanced investigation (malware analysis, threat actor analysis and attribution, root cause analysis), response, and remediation.

Identify, detect, respond, and mitigate sophisticated threats to GEICO
Perform incident response functions, including host-based analysis of Windows, Linux and Mac operating systems
Examine data collected from a variety of tools and sources (e.g., IDS alerts, firewall logs, web logs, network traffic logs) to identify IOCs and/or malicious TTPs

Review and comprehend log data and apply use case scenarios in an effort to further develop threat detection and incident response capabilities
Analyze events that occur within their environments for the purposes of mitigating threats

Required Qualifications:
4+ years of Incident Response experience
Knowledge of digital forensics and incident response best practices
Demonstrated experience performing root cause analysis of security events and incidents
Knowledgeable about security frameworks (e.g., MITRE ATT&CK framework)
Ability to understand security control mechanisms for Windows, Linux, and Mac operating systems
Knowledge of computer networking concepts and protocols, and network security methodologies
Knowledge of common threat actor TTPs
Proficient in scripting languages such as Bash, Python, Perl, and PowerShell
Ability to apply strong critical thinking, logic, decision making, troubleshooting, and problem-solving skills
Strong written and oral communication skills
Ability to work independently and as a team member
Ability to handle advanced-level triage and troubleshooting
Ability to produce technical documentation, such as Visio flows and processes
Ability to understand complex problems while presenting them simply in a formal setting
Ability to learn and apply large amounts of technical and procedural information, and to follow published standards and processes.
Ability to follow complex instructions, resolve conflicts or facilitate conflict resolution, and have strong organization/priority setting skills.
Ability to analyze Windows systems for changes that occur during a specific timeframe.
Ability to analyze network packet captures
Knowledge of cloud computing technologies and concepts (SaaS, PaaS, IaaS, etc.)
Knowledge of cyber defense systems and mechanisms (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters)

Desired certifications (at least one):
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Examiner (GCFE)
GIAC Certified Forensic Analyst (GCFA)
GIAC Reverse Engineering Malware (GREM)
GIAC Defending Advanced Threats (GDAT)
GIAC Cyber Threat Intelligence (GCTI)
Certified Ethical Hacker (CEH)
CompTIA Cybersecurity Analyst (CySA+)
Certified Information Systems Security Professional (CISSP)


At GEICO, we make sure you have the support and resources to leverage and develop your skills, secure your financial future, and take care of your health and well-being. GEICO continually seeks to provide a workplace where everyone can be their authentic self. To help achieve this goal, we support associate-led Employee Resource Groups that foster a true sense of community. Through GEICO's competitive benefits offerings and various training and development opportunities, we have you covered with our Total Rewards Program* that includes:

Premier Medical, Dental and Vision Insurance with no waiting period**
Paid Vacation, Sick and Parental Leave
401(k) Plan
Tuition Reimbursement
Paid Training and Licensures

*Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.

**Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.

GEICO is proud to be an equal opportunity employer. We are committed to cultivating an environment where equal employment opportunities are available to all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO celebrates diversity and believes it is critical to our success. As such, we are committed to recruiting, developing and retaining the most talented individuals to join our team.

