IT Security Incident Response Analyst

About the position

The IT Security Incident Response Analyst at Lincoln Financial Group plays a crucial role in safeguarding the organization's information systems. This position is responsible for continuously monitoring the alert queue, investigating security alerts, and ensuring the health of security sensors and endpoints. The analyst will collect data and context necessary to initiate incident response (IR) actions. The role requires maintaining multiple security technologies that are essential for detecting and preventing IT security incidents. In this position, the analyst will be tasked with the correlation and initial triage of security events and indicators generated by security monitoring tools. This involves determining the scope, urgency, and potential impact of incidents. The analyst will document incidents from the initial detection phase through to final resolution, ensuring a comprehensive record of all actions taken. Additionally, the role includes performing incident response functions, which encompass host-based analysis on various operating systems, including Windows, Linux, and Mac OS X, to identify suspicious and malicious activities. The analyst must maintain expertise in operating systems and their artifacts to assist in investigations. Analyzing different data types from various sources within the enterprise is also a key responsibility, as it helps draw conclusions regarding past and potential current security incidents. The position requires providing after-hours support on a rotational basis to address critical incidents and maintain continuous coverage. Furthermore, the analyst will engage in threat hunting exercises to proactively discover threats that may evade existing security mechanisms, using this information to enhance the organization's cyber resilience. The role also involves creating and modifying SIEM dashboards to monitor activity effectively and tuning security tool policies to reduce false positives and improve detection capabilities.