As a critical team member of the Equifax Security Incident Response Team, you will drive our incident response and analytic capabilities, positioning the Team to become more capable of handling today's security challenges.
The Incident Responses Analyst will possess technical knowledge and experience performing incident response, threat hunting, network and system monitoring, and malware analysis, and will have performed digital forensics related to cyber incidents.
The Incident Responses Analyst role will include a robust assortment of security projects that support the Global Security team.
As part of the Global Security team, the Incident Responses Analyst helps ensure company, system, and data preservation by performing immediate, effective, skillful and comprehensive response to global computer security incidents,
and contributes to the prevention of such incidents by engaging in threat hunting, proactive threat modeling, incident trend analysis, and developing monitoring and detection strategies.
Join the Equifax security team and enjoy a career with some of the best and brightest professionals in the market.
Additional responsibilities of the Incident Responses Analyst include:
Provide tiered technical resolution for security incidents and SOC service requests with an emphasis on Tier 3 and greater
Conduct host and network analysis, forensics, log analysis, and malware triage in support of incident response investigations
Identify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
Build scripts, tools, or methodologies to enhance incident investigation processes
Ability to hunt for IOCs based on attack surface and implement for SOC security monitoring
Develop monitoring dashboards based on thresholds or signatures for security alerting/automated case creation
Experience with host and/or network log analysis as applied to incident response/threat hunting
Effectively communicate investigative findings and strategy to stakeholders including technical staff, executive leadership, and legal counsel
Perform analysis of complex datasets to produce relevant intelligence products
Leverages ability to identify new attack TTPs and recommend mitigation techniques
Will use disparate data sources and evidence to detect and decipher abnormalities in various log formats, with a primary focus on the internal threat landscape
Ability to follow established processes and to improve as needed
Required Skills of the Incident Responses Analyst:
5+ years' general information security experience
3+ years' direct experience in a Security Incident Response role
Ability to work in a highly collaborative environment with multiple business partners
Experience with cyber kill chain and IT security frameworks such as NIST, critical security controls and MITRE ATT&CK matrix
Knowledge of tools used for network security (DLP, NIPS, HIPS, AV, Firewalls, etc.)
Mastery of Unix and Windows operating system functionality
Proficient in the use of varied and diverse log analysis and forensic tools
Thorough understanding of network protocols
Core Competencies of the Incident Responses Analyst:
Strong research, analytic, writing and briefing skills
Ability to effectively manage multiple, concurrent activities, while understanding and managing priorities, dependencies and risk
Expert capabilities to research, create, develop and deliver professional briefings, multimedia presentations, and written reports to both operational and senior leadership levels
Ability to work independently, as well as mentoring other team members
Ability to work or be on-call during off hours
Demonstrated flexibility, initiative, judgment and discretion
English language proficiency
Willingness to learn new tools and processes and proven track record of learning new technologies, methodologies, and skills
Organizational, time management, customer service and problem-solving skills
Bachelor's degree (or equivalent experience) required
Certifications such as GIAC (GCIA, GCIH, GSEC, GCFA, GCFE, etc.), CISSP, CEH or related certification(s) desired