Senior Cyber Incident Response Team Analyst - Remote

at  Center for Internet Security Inc

Overview:
Reporting to the Cyber Incident Response Team (CIRT) Manager, the Senior CIRT Analyst will work as a member of the Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) CIRT to help respond to cyber incidents impacting State, Local, Tribal, and Territorial (SLTT) governments. This position involves critical duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work.
The Center for Internet Security (CIS) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit responsible for industry leading best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats.
Salary Range: $91,000 - $122,500

We offer a competitive total rewards package at the Center for Internet Security:

• Base salary is determined on a number of factors including, but not limited to, education, experience and skills
• Health (PPO, EPO, HSA), Dental & Vision Insurance eligibility starting from the first day of hire
• $500 wellness card for Health Coverage Participants
• 401(k) with 4% Company Match, vested from the first day of hire
• Flexible Spending Account (FSA) & Dependent Care Account (DCA)
• Life Insurance
• Bonding Leave
• Paid Volunteering Program
• Bonus eligibility
• Paid Time Off (PTO) inclusive of vacation, personal and sick time
• Paid Holidays
• Wellness Program
• Employee Engagement Activities
• Professional Development Opportunities
• Tuition Reimbursement
• Student Loan PayDown Program
• Employee Referral program
• Employee Assistance Program

What You’ll Do:

• Provide Incident Response, Computer Forensics, and Malware Analysis services to SLTT governments, as well as internal teams at CIS
• Perform forensic analysis in response to cyber-attacks and computer security breaches on compromised SLTT systems and networks with diverse architecture, operating systems, and size, to identify the extent and nature of the compromise and provide recommendations on containment, eradication, and remediation steps
• Conduct incident response calls with SLTT governments, as well as third party vendors, external incident response teams, and/or cyber insurance companies
• Provide detailed technical reports to document the findings that result from both forensic analysis and incident response cases for internal and external organizations
• Guide partners through the incident response process and technical investigations, utilizing excellent verbal communication skills effective for coaching and supporting victims in response to crisis, specifically cyber attacks
• Ability to provide consultation to third party SLTT government organizations with diverse technical backgrounds and skill sets, including review and analysis on external networks, typically unknown to CIRT
• Identify indicators of compromise (IOCs) from SLTT networks to support community network defense
• Perform consultation services in conjunction with incident response planning and best practices, delivered in presentations, webinars, blogs, and podcasts
• Support and respond to any security-related questions or incidents reported from MS-ISAC/EI-ISAC members
• Analyze previously undisclosed software and hardware vulnerabilities
• Collaborate across internal CIS functions and other MS-ISAC and EI-ISAC teams to provide excellent cybersecurity services
• Assist with improvements to policies, procedures, technologies, tools, techniques, and operational efficiencies
• Responsible for complex tasks, assignments, and projects, including but not limited to, the training and development of new computer forensic analysts
• Perform tasks independently with some oversight
• Other tasks and responsibilities as assigned

What You’ll Need:

• Bachelor’s degree in Digital Forensics, Cybersecurity, Computer Science, or a related field*
• 3+ years’ experience in Security, Network Administration, or equivalent knowledge
• Knowledge of incident response procedures, processes, and techniques
• Experience with various operating systems, such as Windows, Linux, and MacOS
• Thorough knowledge of networking and Windows fundamentals, specific to that of protocols, internal tools, server infrastructure, monitoring software, etc.
• Comprehension of system and application security threats and vulnerabilities
• Knowledge of various host and network-based security controls
• The position is open to U.S. Citizens and requires a favorably adjudicated DHS Fitness Review for Public Trust Positions**

• Provide Incident Response, Computer Forensics, and Malware Analysis services to SLTT governments, as well as internal teams at CIS
• Perform forensic analysis in response to cyber-attacks and computer security breaches on compromised SLTT systems and networks with diverse architecture, operating systems, and size, to identify the extent and nature of the compromise and provide recommendations on containment, eradication, and remediation steps
• Conduct incident response calls with SLTT governments, as well as third party vendors, external incident response teams, and/or cyber insurance companies
• Provide detailed technical reports to document the findings that result from both forensic analysis and incident response cases for internal and external organizations
• Guide partners through the incident response process and technical investigations, utilizing excellent verbal communication skills effective for coaching and supporting victims in response to crisis, specifically cyber attacks
• Ability to provide consultation to third party SLTT government organizations with diverse technical backgrounds and skill sets, including review and analysis on external networks, typically unknown to CIRT
• Identify indicators of compromise (IOCs) from SLTT networks to support community network defense
• Perform consultation services in conjunction with incident response planning and best practices, delivered in presentations, webinars, blogs, and podcasts
• Support and respond to any security-related questions or incidents reported from MS-ISAC/EI-ISAC members
• Analyze previously undisclosed software and hardware vulnerabilities
• Collaborate across internal CIS functions and other MS-ISAC and EI-ISAC teams to provide excellent cybersecurity services
• Assist with improvements to policies, procedures, technologies, tools, techniques, and operational efficiencies
• Responsible for complex tasks, assignments, and projects, including but not limited to, the training and development of new computer forensic analysts
• Perform tasks independently with some oversight
• Other tasks and responsibilities as assigne