Washington Metropolitan Area Transit Authority

posted 10 days ago

Full-time - Senior
Transit and Ground Passenger Transportation

About the position

The Cybersecurity Analyst Lead (Incident Response) at the Washington Metropolitan Area Transit Authority (WMATA) is responsible for overseeing the continuous monitoring, investigation, and remediation of security events to protect critical transit infrastructure. This role involves developing processes for threat detection and response, optimizing security tools, and providing leadership and mentorship to junior analysts. The position requires participation in on-call duties and collaboration with various teams to enhance incident response capabilities and ensure the safety and resilience of WMATA's infrastructure.

Responsibilities

  • Monitor, investigate, and remediate security events using various tools.
  • Develop and follow processes for threat detection and response.
  • Optimize SIEM rules, alerts, and other security tools to enhance visibility.
  • Provide leadership and mentorship to junior analysts.
  • Create new playbooks to optimize automation workflows.
  • Manage proactive detection of threats by importing Indicators of Compromise (IOCs).
  • Conduct root cause analysis to understand the origin and spread of incidents.
  • Collaborate with teams across incident response and threat intelligence.
  • Perform behavioral analysis to identify insider threats.
  • Generate routine and ad hoc reports to support enhanced security procedures.

Requirements

  • Bachelor's degree in Computer Science, Cybersecurity, or a related technical field.
  • 6 years of experience in cybersecurity, incident response, or information systems security.
  • Strong leadership and mentorship skills.
  • Proficiency with SIEM, IDS/IPS, EDR systems, and cloud environments.
  • Excellent analytical and problem-solving skills.

Nice-to-haves

  • Experience with NIST standards.
  • Knowledge of enterprise architecture and threat detection & response.
  • Familiarity with analytics and incident response processes.

Benefits

  • Hybrid work opportunity allowing flexibility between virtual and in-person work.