Washington Metropolitan Area Transit Authority - Alexandria, VA

posted 10 days ago

Full-time - Senior
Alexandria, VA
Transit and Ground Passenger Transportation

About the position

The Cybersecurity Analyst Lead (Incident Response) at WMATA is responsible for leading the incident response efforts within the Cyber Fusion Center. This role focuses on continuous monitoring, investigation, and remediation of security events to protect critical transit infrastructure. The analyst will develop processes for threat detection and response, optimize security tools, and provide mentorship to junior analysts. The position requires collaboration across various teams to enhance the organization's cybersecurity posture and ensure rapid response to incidents.

Responsibilities

  • Lead the incident response efforts and oversee the Cyber Fusion Center's operations.
  • Develop and follow processes for threat detection and response.
  • Optimize SIEM rules, alerts, and other security tools to enhance visibility and improve incident response.
  • Provide leadership and mentorship to junior analysts to enhance their skills.
  • Create new playbooks to optimize automation workflows as needed.
  • Manage proactive detection of threats by importing Indicators of Compromise (IOCs) into monitoring tools.
  • Conduct root cause analysis to understand the origin and spread of incidents.
  • Collaborate with teams across incident response, threat intelligence, and threat hunting activities.
  • Analyze threat information from multiple sources and synthesize intelligence for actionable insights.
  • Generate routine and ad hoc reports to inform senior leaders about the security posture.

Requirements

  • Bachelor's degree from an accredited college or university.
  • Six years of experience as a cybersecurity officer/engineer or in a related field.
  • Extensive experience in incident response and cybersecurity.
  • Strong leadership and mentorship skills.
  • Proficiency with SIEM, IDS/IPS, EDR systems, and cloud environments.
  • Excellent analytical and problem-solving skills.

Nice-to-haves

  • Bachelor's Degree in Computer Science, Cybersecurity, or a related technical field.

Benefits

  • Hybrid work opportunity allowing flexibility between virtual and in-person work.
  • Medical examination for the position, if required.