SIRT - Network Analyst
Job Description Summary
Concentrix Corporation, a global leader in Customer Experience Solutions, is seeking a Cybersecurity Security Incident Response Team Network Analyst, ultimately reporting to the Director of Security Incident Response Team (SIRT), within the Concentrix Global Security team.
The SIRT Network Analyst will be responsible for providing technical assistance during security incident response events and security escalations. You will work with a team of technical specialists and will act as the focal point of contact for SIRT, supporting local and extended team members with critical incidents impacting Concentrix users, systems, infrastructure, and resources. You will be responsible for collecting artifacts, reviewing systems and logs, searching for indicators or issues, and offering recommendations for containment and resolution.
This role will collaborate and align closely with the Cyber Defense, Cyber Threat Operations, Threat Intelligence, and Vulnerability Management teams to enhance prevention, detection, response, and remediation capabilities.
This is an individual contributor role focused on providing technical analysis, with a networking focus, of cyber security incidents and actively working them towards closure. This role will exhibit leadership over security events and appropriate personnel related to an event, to ensure command and control of the situation. This role will be expected to mentor others and cross-train with peers to expand their depth and knowledge.
Essential Functions and Responsibilities:
+ Provide technical expertise with a networking focus during 24x7x365 security incidents impacting mission critical business and IT infrastructure, including supporting global incident management and response, remediation, and reporting.
+ Responsible for working alongside, and understanding in depth, technical teams (e.g., I.T., Security Operations Center, Threat Operations, Legal, HR, Privacy).
+ Conduct analysis on networking systems for control gaps, misconfigurations, or issues during security events.
+ Conduct analysis on networking systems and network logs, such as Routers, Switches, Network Firewalls, Web Application Firewalls, DNS systems.
+ Ability to articulate details in real time and during post-event situations to the Incident Response coordinator so they are well informed of the required information.
+ Ability to provide analysis and management over multiple incidents concurrently.
+ Ability to accurately triage incoming events and/or escalations to determine viability for action from the SIRT, and capability to push back on potential false escalations that do not meet these criteria.
+ Recognize and promptly identify critical situations which could result in significant business, regulatory, and reputation impact to Concentrix or its partners, and communicate appropriately.
+ Document root cause analysis and lessons learned for long term remediation efforts.
+ Contribute and support other special projects and initiatives in support of the Global Security team.
+ Provide and propose solutions to peer groups focusing on reducing our attack surface and exposure to cybersecurity and fraud related incidents targeting Concentrix's global infrastructure.
+ Perform forensic evidence collection (on-site and remotely), digital evidence preservation, and maintain chain of custody.
+ Ensure defensible and repeatable collection and preservation of electronically stored information (ESI).
+ Responsible for documenting and generating examination reports to communicate findings to technical and non-technical stakeholders, and for providing actionable recommendations when necessary.
+ Assist with developing, documenting, and improving the digital forensic and network forensic policies, processes, and SOPs.
+ Stay abreast of emerging digital forensic trends, technologies, and techniques.
+ Evaluate, test, recommend, and integrate new Electronic Discovery and/or Computer Forensic tools and technologies.
+ Establish unique and creative solutions to problems on the fly to successfully perform critical tasks.
+ Ability to work with a remote, diverse, and global workforce.
+ 7+ years of experience in multiple verticals, such as I.T. operations, Computer Network Engineering, and/or Cybersecurity, in an Incident Response capacity OR 5+ years as a Cybersecurity Digital Forensics Incident Responder.
+ Prior experience in multiple industry verticals, such as finance, government, retail, and/or manufacturing, highly desired.
+ BS/MS degree in Computer Science, Computer Engineering, Cybersecurity OR equivalent experience including industry certifications.
+ One of the following certifications is highly desired: GCIH, E|CIH, CERT-CSIH, GSEC
+ One or more of the following certifications recommended: CISSP, CISM, CCNP, CCNA, Security+, Network+
+ Working knowledge of computer operating systems (Windows, Mac OS, Linux), computer networking (ports, protocols, fundamentals), SANS Critical Security Controls, and NIST Special Publications 800-37, 800-53, & 800-61
+ Familiarity with common frameworks and data privacy regulations such as GLBA, GDPR, SOX, PCI-DSS, NIST, and law enforcement guidelines.
+ Knowledge of basic cyber forensic methodology, including but not limited to: Evidence preservation and collection, chain of custody, data recovery, data analysis, and reporting.
+ Excellent communication and presentation skills, ability to concisely deliver information during crisis situations to all stakeholders.
+ Ability to travel domestically and internationally (Infrequent; as absolutely necessary; <10%)
+ An understanding or proficiency in multiple languages is highly desired.
+ Oral and written fluency in English is required.
This is a full-time direct hire position
No sponsorship is currently available
No third-party firms
USA, MI, Work-at-Home