Incident Response Analyst Tier 1 - Hybrid in Austin, TX*
Optomi, in partnership with a leader in the financial services space, is seeking an Incident Response Security Analyst with strong investigative skills to handle Tier 1 alerts. The Tier 1 SOC Security Analyst will have knowledge of security monitoring, common attacks, risk management concepts, etc. The ideal person for this role will have at least 1 year of experience working as a security analyst and will be comfortable with monitoring and meeting SLAs.
Third-party side: if a third party has an incident, we have to reach out to the third party and see if they have
24 hours before they have to report an incident
Day to Day:
- How did the incident occur? Able to obtain it? Third-party forensic team?
- Daily call - ask what they did today
- Person has to be knowledgeable about general cyber security incidents
- Taking notes
- Lots of follow-ups
- Writing a report that they would submit to the regulators
Key Qualifications:
- 1+ years of incident analysis experience working in a Tier 1 role.
- Fundamental understanding of security tools such as SIEM, IDS/IPS, web proxies, DLP, CASB, DNS security, DDoS protection, and firewalls
- Fundamental understanding of cloud security and responding to cloud alerts/events
- Knowledge of NIST and MITRE ATT&CK security frameworks
- Knowledge of Microsoft Windows systems, including Active Directory, and Unix systems
- Experience analyzing and inspecting log files, network packets, and any other security tool information output from multiple system types
- Familiar with basic reverse engineering principles and an understanding of malware, rootkits, TCP/UDP packets, and network protocols
- Team-oriented and skilled in working within a collaborative environment
- Experience with technical analysis of email headers, links, and attachments to determine if an email is malicious, and then executing remediation techniques to protect the environment
*This role is looking for someone to work hybrid in Austin, TX, Dallas, TX, Chicago, IL, OR Jacksonville, FL