Senior Information Security Analyst - Cyber Incident Response Team

$83,550 - $178,603/Yr

Marriott International - Lincoln, NE

posted 4 months ago

Full-time - Mid Level
Hybrid - Lincoln, NE
Accommodation

About the position

The Cyber Incident Response Analyst is a critical role within Marriott International, responsible for responding to both existing and emerging cyber threats. This position requires a deep understanding of attacker behavior and the ability to analyze data from various sources and tools to identify attacker tools, tactics, and procedures (TTPs). The analyst will participate in and manage security events and incidents, ensuring that the organization is prepared to handle any potential threats effectively. The successful candidate will possess strong technical skills, excellent communication abilities, and the capacity to manage multiple investigations under tight deadlines. In this role, the analyst will conduct host forensics, network forensics, and log analysis to support incident response investigations. They will handle escalations from both internal and external sources, quickly triaging and responding to threats as necessary. Utilizing advanced technology platforms and security tools, the analyst will conduct large-scale investigations and collect endpoint and network-based evidence. Additionally, they will develop and present comprehensive reports tailored for technical, executive, and non-security stakeholders, ensuring that all parties are informed and engaged in the incident response process. The Cyber Incident Response Analyst will also provide technical subject matter expertise related to strategic projects and initiatives that enhance the maturity and capability of the Incident Response team. This includes developing and following detailed operational processes and procedures to analyze, escalate, and assist in the remediation of information security-related incidents. Mentoring and training junior analysts will be a key component of this role, as the analyst will help advance their skills and introduce new methods for monitoring and detecting threats. The position requires flexibility, including the possibility of shift work, to meet the business and operational needs of the organization.

Responsibilities

  • Respond to existing and emerging cyber threats.
  • Identify attacker tools, tactics, and procedures (TTPs).
  • Conduct host forensics, network forensics, and log analysis in support of incident response investigations.
  • Handle escalations from internal and external sources to triage and respond to threats.
  • Utilize technology platforms and security tools for large-scale investigations.
  • Develop and present comprehensive reports for technical and non-technical audiences.
  • Provide technical subject matter expertise for strategic projects.
  • Develop and follow operational processes for incident analysis and remediation.
  • Mentor and train junior analysts to enhance their skills.
  • Manage and implement assigned work and projects.

Requirements

  • 5+ years of experience in Information Technology/Security.
  • 3+ years of experience in Cyber Incident Response, including threat identification and response.
  • Experience with security data analysis from various sources and tools.
  • Proficiency in TCP/IP, DNS, SIEM, and EDR technologies (e.g., Splunk, CrowdStrike, Carbon Black).
  • Experience with Windows environments and related security controls (IDS/IPS, AV, Proxies, Firewalls).
  • 1+ years of experience in Windows log analysis and memory forensics.
  • Experience in network traffic analysis.
  • Undergraduate degree in computer science or related field, or equivalent work experience.
  • Ability to work a flexible schedule, including shift work.

Nice-to-haves

  • Development of incident response reports and documentation.
  • Experience in a similarly sized organization with significant complexity.
  • Strong time management skills to balance multiple activities.
  • Security Certification (e.g., GCIH, GCFA, CCSP, OSCP).
  • Experience writing scripts or tools to enhance the investigative process.
  • Experience responding to cyber events in public cloud environments (AWS, Azure, Google Cloud).

Benefits

  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Health care flexible spending account
  • Dependent care flexible spending account
  • Life insurance
  • Disability insurance
  • Accident insurance
  • Adoption expense reimbursements
  • Paid parental leave
  • Educational assistance
  • 401(k) plan
  • Stock purchase plan
  • Discounts at Marriott properties
  • Commuter benefits
  • Employee assistance plan
  • Childcare discounts

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service