Hunter Strategy - Palo Alto, CA

posted about 2 months ago

Full-time - Mid Level
Palo Alto, CA
Professional, Scientific, and Technical Services

About the position

The Cybersecurity Incident and Application Analyst at Hunter Strategy plays a crucial role in safeguarding our mission partners' digital assets. This position is designed for individuals who are passionate about cybersecurity and have a strong foundation in incident response and application security. The analyst will be responsible for identifying, analyzing, and responding to cybersecurity incidents, ensuring that our partners' systems remain secure and resilient against threats. The role requires a proactive approach to security, with a focus on continuous improvement and adaptation to the evolving threat landscape.

In this position, the analyst will engage in various activities, including monitoring network security, assessing web application vulnerabilities, and implementing cloud security measures. The analyst will work closely with cross-functional teams to develop and refine incident response plans, ensuring that all stakeholders are prepared to respond effectively to potential security breaches. The role also involves conducting regular security assessments, identifying weaknesses in configurations, and recommending appropriate remediation strategies.

The Cybersecurity Incident and Application Analyst will be expected to stay current with the latest cybersecurity trends and technologies, leveraging this knowledge to enhance our security posture. This includes participating in training sessions, attending industry conferences, and obtaining relevant certifications. The analyst will also be responsible for producing detailed reports for management and executive teams, summarizing incidents, response actions, and lessons learned to inform future security strategies.

Responsibilities

  • Monitor and analyze network security and web application security incidents.
  • Conduct assessments of cloud technologies to ensure security compliance.
  • Identify default/weak configurations, vulnerable ports, and insecure protocols.
  • Respond to computer intrusion activities and implement incident response techniques.
  • Manage the Enterprise Incident Response Cycle, including preparation, detection, analysis, containment, recovery, and post-incident analysis.
  • Create and maintain RACI charts in accordance with NIST SP 800-61.
  • Identify malicious or suspicious activities and assign appropriate criticality levels.
  • Develop and refine escalation procedures for incident response.
  • Generate lessons learned from incidents and evaluate the effectiveness of incident response plans (IRP).
  • Assist in conducting yearly incident response tests and drills.
  • Utilize FireEye technologies, IDS/IPS technologies (Palo Alto), and SIEM (Splunk) for incident detection and response.
  • Conduct vulnerability assessments using tools like Tenable.
  • Produce comprehensive reports for management and executive teams.

Requirements

  • Minimum of 2-5 years of experience in cybersecurity, specifically in incident response and application security.
  • Desired certifications include E-CIH, OSCP, GCIH, and Splunk.
  • Experience in network security and web application security.
  • Good knowledge of ports and protocols relevant to cybersecurity.
  • Deep understanding of computer intrusion activities and incident response techniques.
  • Familiarity with the Enterprise Incident Response Cycle and NIST SP 800-61.
  • Experience with FireEye technologies, IDS/IPS technologies (Palo Alto), and SIEM (Splunk).
  • Ability to identify malicious activities and assess their criticality.
  • Strong reporting skills for management and executive reviews.

Nice-to-haves

  • Experience with cloud security technologies and practices.
  • Knowledge of vulnerability detection tools beyond Tenable.
  • Familiarity with additional incident response frameworks and methodologies.

Benefits

  • Competitive salary and performance bonuses.
  • Opportunities for professional development and training.
  • Flexible work hours and remote work options.
  • Health insurance and wellness programs.