Incident Response Analyst
Who We Are
More than 30 years ago, E*TRADE pioneered the online brokerage industry by executing the first-ever electronic individual investor trade. While the landscape of our industry has changed dramatically, our culture of innovation and our commitment to making online trading accessible to everyone continue to move us forward. We believe in challenging the status quo, fostering an environment of curiosity and learning, and, above all, putting our customers first.
About the Role
SUMMARY
This position is on the Security Incident Response Team (SIRT) in the Information Security Operations organization, reporting to the manager of the SIRT. The SIRT is the escalation point for security incidents from the Security Operations Center (SOC) and coordinates response efforts for cyber security incidents. Because SIRT members need in-depth technical subject matter knowledge, the role offers continued skill growth across a variety of disciplines.
RESPONSIBILITIES
- Investigate escalations from the SOC and provide oversight of SOC processes by reviewing SOC ticket handling.
- Act as part of the incident response team, providing subject matter expertise in the event of significant information security incidents.
- Manage and mature the Cyber Incident Management processes in coordination with Information Security and Technology Incident Management, leveraging common tooling, industry frameworks, and regulatory guidance to produce a repeatable and measurable program.
- Collect and analyze forensic artifacts, including disk and memory images, network packet captures, malware samples (identification and inspection), and system and web logs.
- Produce reports detailing findings in support of case disposition and incident response activities.
- Handle evidence in a forensically sound manner, including maintaining chain of custody and providing secure transport and storage.
- Assist in mentoring and supporting Security Operations personnel.
- Shape the future of the Security Operations organization by defining workflows for the efficient handling of different types of incidents.
REQUIREMENTS
- At least 1 year of experience working in high-performing teams and understanding the dynamics of teamwork in an operational environment.
- At least 1 year of experience working in high-stress situations where timely and comprehensive updates must be delivered to a wide executive audience.
- A minimum of 2 years working in a self-directed environment, performing logical problem solving and drawing conclusions from available artifacts such as security logs, operating system logs, application logs, and network device logs.
- A minimum of 3 years working with at least one major operating system (Linux, Windows, macOS) or cloud architecture in an enterprise networking environment.
- Minimum four-year Computer Science degree, Business degree, or equivalent combination of education and experience required.
- Excellent verbal and written communication skills, with the ability to translate between technical and business language depending on the audience.
- Ability to quickly summarize current state, outstanding items, and progress against specific goals.
- Advanced knowledge of enterprise-grade technologies, including server-class operating systems, various database architectures, and web application logic engines.
- Advanced knowledge of network protocols and traffic (e.g. DNS, DHCP).
- Understanding of network infrastructure (e.g. routers, switches, and firewalls).
- Industry security certification (CISSP, GISP, GSEC) and at least one specialized certification (GCIH, GCFE, GCFA, etc.) desired.
We offer a competitive and comprehensive benefits package. Please visit https://www.etradecareers.com/why-work-at-etrade/employee-benefits/ to learn more about the opportunities.
E*TRADE Financial is an Equal Opportunity Employer who encourages diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, age, disability, citizenship, marital status, sexual orientation, gender identity, military or protected veteran status, or any other characteristic protected by applicable law.