Title: Cyber Security Incident Analyst/Manager
Location: Brooklyn, NY
- Monitor for and detect security events from SIEM, Log collection Engines and other security technologies, such as Splunk
- Perform investigations using various Monitoring Security technologies (i.e. IDS/IPS, DLP, etc.)
- Review alerts escalated by end users
- Perform initial triage of incoming issues (initially assessing the priority of the event, initial determination of event to determine risk and damage or appropriate routing of security or privacy data request)
- Monitoring of health alerts and downstream dependencies
- Provide limited response to end users for low complexity security events
- Review and take a proactive approach to false positive and work with the various Security teams to tune and provide feedback to improve accuracy of the alerts.
- Document, investigate and Notifying appropriate contact for security events and response
- Takes an active part in the resolution of events, even after they are escalated
- Collaborate with technical teams for security incident remediation and communication
- Conducts proof of concepts, vendor comparisons and recommend solutions in line with business requirements
- Conducts security research on threats and remediation methods
- Contributes to strategic planning to evaluate, deploy or update security technologies