Senior Information Security Analyst - Cyber Incident Response Team

$83,550 - $178,603/Yr

Marriott International - Providence, RI

posted 4 months ago

Full-time - Mid Level
Hybrid - Providence, RI
Accommodation

About the position

The Cyber Incident Response Analyst is a critical role within Marriott's Information Technology department, primarily focused on responding to both existing and emerging cyber threats. This position requires a deep understanding of attacker behavior and the ability to analyze data from various sources and tools to identify and mitigate risks. The analyst will manage security events and incidents, providing mentorship and training to junior analysts, ensuring that the team is well-equipped to handle the complexities of cyber threats. The successful candidate will demonstrate strong technical skills, effective communication abilities, and the capacity to manage multiple investigations under tight deadlines. In this role, the analyst will conduct host and network forensics, as well as log analysis, to support incident response investigations. They will handle escalations from both internal and external sources, quickly triaging and responding to threats as necessary. Utilizing advanced technology platforms and security tools, the analyst will conduct large-scale investigations, collecting and examining endpoint and network-based evidence. The role also involves developing and presenting comprehensive reports tailored for various audiences, including technical teams, executives, and non-security stakeholders. The Cyber Incident Response Analyst will be responsible for providing technical subject matter expertise related to strategic projects that enhance the maturity and capability of the Incident Response team. They will develop and adhere to detailed operational processes and procedures for analyzing, escalating, and assisting in the remediation of information security incidents. Additionally, the analyst will mentor and train other team members, fostering an environment of continuous learning and improvement. Flexibility in work hours, including potential shift work, is required to meet the operational needs of the business.

Responsibilities

  • Conduct host forensics, network forensics, and log analysis in support of incident response investigations.
  • Handle escalations from internal and external sources to quickly triage and respond to threats as needed.
  • Utilize technology platforms and security tools to conduct large-scale investigations and collect/examine endpoint and network-based evidence.
  • Develop and present comprehensive reports for technical, executive, and non-security stakeholder audiences.
  • Provide technical subject matter expertise related to strategic projects and initiatives that advance the maturity and capability of the Incident Response team.
  • Develop and follow detailed operational processes and procedures to analyze, escalate, and assist in the remediation of information security-related incidents.
  • Apply technical acumen and analytical capabilities to enhance response speed and effectiveness.
  • Mentor, train, and provide feedback to other analysts to advance their skills and enable new ways of monitoring and detecting threats.
  • Work in a flexible environment, including shift work, as required to meet business and operational needs.

Requirements

  • 5+ years of experience in Information Technology/Security.
  • 3+ years of experience in Cyber Incident Response, including identification and response to existing and emerging threats.
  • Experience in identifying attacker tools, tactics, and procedures (TTPs).
  • Proficient in security data analysis from various sources and tools.
  • Familiarity with TCP/IP, DNS, SIEM, and EDR technologies (e.g., Splunk, CrowdStrike, Carbon Black).
  • Experience with Windows environments and related security controls (IDS/IPS, AV, Proxies, Firewalls).
  • 1+ years of experience in Windows log analysis and memory forensics.
  • Experience in network traffic analysis.
  • Undergraduate degree in computer science or related field, or equivalent work experience.
  • Ability to work a flexible schedule that may include shift work.

Nice-to-haves

  • Development of incident response reports and documents or similar reporting skills.
  • Experience in a similarly sized organization with significant complexity.
  • Strong time management skills to balance multiple activities and lead junior analysts as needed.
  • Security Certification (e.g., GCIH, GCFA, CCSP, OSCP).
  • Experience writing scripts, tools, or methodologies to enhance the investigative process.
  • Experience responding to cyber events in public cloud environments such as AWS, Azure, Google Cloud.

Benefits

  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Health care flexible spending account
  • Dependent care flexible spending account
  • Life insurance
  • Disability insurance
  • Accident insurance
  • Adoption expense reimbursements
  • Paid parental leave
  • Educational assistance
  • 401(k) plan
  • Stock purchase plan
  • Discounts at Marriott properties
  • Commuter benefits
  • Employee assistance plan
  • Childcare discounts

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service