Triage Analyst, Cyber Security


Employer
Target
Location
Brooklyn Park, Minnesota, United States
Posted
Mar 07, 2019
Closes
Mar 28, 2019
Category
Business, Other
Employment Status
Full Time
Description: JOIN US AS AN INCIDENT TRIAGE ANALYST, CSIRT, CYBER SECURITY

Similar Industry Titles and Key Words: cyber security, intrusion, event analyst, fusion center, incidents

SUMMARY

The Incident Triage Analyst position is responsible for triaging cyber security events and incidents across the Target environment. The Incident Triage Analyst supports Target's cyber security operations by monitoring alerts during heavy volume events within a 24/7 Cyber Fusion Center. This position conducts more in-depth analyses of security incidents with specific ability to identify potential compromise, perform intrusion scope and root cause analyses and implement triaging protocols to mitigate potential impacts.

KEY RESPONSIBILITIES

Incident Triage Analysts create filters, data monitors, dashboards, and reports within monitoring utilities.
Troubleshoot security monitoring devices to improve event correlation and performance.
Develop and update procedures, and configure tools for Event Detection Analysts to use.
Handle high and critical severity incidents as described in the operations playbook.
Perform additional analysis of escalations from Event Detection Analysts and review Level 1 tickets.
Escalate high or critical severity level incidents to Incident Handlers.
Act as a participant during Cyber Hunt activities at the direction of one or more Target Incident Handlers.

MINIMUM QUALIFICATIONS

2+ years of information security experience
BA/BS in Engineering, Computer Science, Information Security, or Information Systems or equivalent experience
Experience using event escalation and reporting procedures
Ability to learn and operate in a dynamic environment
Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
Knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
Knowledge of cyberattack techniques and tools
Strong oral and written communication skills

DESIRED QUALIFICATIONS

Experience with host and network based security tools desired
Experience managing cases with enterprise SIEM systems
Knowledge of how the Windows file system and registry function and UNIX operating systems and command line tools
Experience conducting forensic media analysis and log file analysis
Experience supporting network investigations
One or more certifications including Security+, GCIA, GCIH, CISSP or similar
