Optum - Raleigh, NC

posted about 2 months ago

Full-time
Remote - Raleigh, NC
Insurance Carriers and Related Activities

About the position

The Cybersecurity Analyst conducts network security investigations, cloud forensics, log analysis, host-based forensics, incident response, and case management. Candidates should be proficient at communicating verbal and written findings to stakeholders at all levels of the enterprise regarding cyber security incidents. You'll enjoy the flexibility to work remotely from anywhere within the U.S. as you take on some tough challenges. In this role, you will mentor analysts, providing training and guidance through complex incidents. You will identify deficiencies in processes and tools, make corrective recommendations, and drive implementation of solutions and efficiencies. Monitoring incident throughput and ensuring the team consistently follows established processes will be a key part of your responsibilities. You will also work to improve incident response times, establishing service level agreements (SLAs) and integrating with other subject matter experts throughout the organization. Your work will involve performing host-based digital forensics on Microsoft Windows systems primarily, as well as other operating systems, and documenting findings in clear and concise language. You will be responsible for preserving evidence using forensically sound methods and establishing, evaluating, and implementing performance metrics. Collaboration with Security Architecture and Engineering teams will be essential to remain abreast of changes to IT infrastructure and business environments. You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Responsibilities

  • Mentor analysts, providing training and guidance through complex incidents
  • Identify deficiencies in processes and tools, make corrective recommendations, and drive implementation of solutions and efficiencies
  • Monitor incident throughput and ensure team consistently follows established processes
  • Improve incident response times, establishing SLAs
  • Integrate and collaborate with other subject matter experts throughout the organization
  • Influence the creation and/or adoption of new standards and procedures
  • Perform host-based digital forensics on Microsoft Windows systems primarily and other operating systems and document findings in clear and concise language
  • Preserve evidence (both network and host) using forensically sound methods
  • Establish, evaluate, and implement performance metrics
  • Work with Security Architecture and Engineering teams to remain abreast of changes to IT infrastructure and business environments

Requirements

  • 4+ years of experience working in computer forensics, cyber security investigation and other related fields
  • 4+ years of experience conducting complex forensic investigations using industry standard forensic tools including but not limited to EnCase, FTK, F-Response or X-Ways
  • 4+ years of experience with cloud environments and Forensics techniques in Azure, AWS, and GCP cloud services providers
  • 4+ years enterprise level triage; collecting artifacts from endpoints, network sensors, and application logs and performing corresponding analysis
  • 4+ years working with and understanding enterprise-wide technology risks that are inherent to a business and an ability to effectively communicate those risks to stakeholders
  • U.S. Citizenship is required

Nice-to-haves

  • Undergraduate degree or 4 years equivalent experience
  • 1+ of the following certifications: QSA, CCFP, EnCE, X-Pert, GCFE, GCFA, GNFA, CISSP, and/or GREM Certification
  • Direct experience with current advanced persistent threats (APT)
  • Experience with NetWitness, FireEye, Splunk, and/or RSA Security Analytics
  • Deep expertise with EnCase
  • Knowledge of Volatility, Rekall and/or Mandiant Redline
  • Knowledge of Chain of Custody process and procedures
  • Network traffic knowledge

Benefits

  • Comprehensive benefits package
  • Incentive and recognition programs
  • Equity stock purchase
  • 401k contribution
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service