DuPont Cyber Security -- Incident Response Analyst Lead in Wilmington, Delaware

Cyber Security -- Incident Response Analyst Lead (Job Number: 010719W-01)

Description

The Cyber Incident Response Team (CIRT) performs legal/human resource investigations and is responsible for establishing a chain of custody for evidence and conducting the necessary computer forensics.

The Cyber Incident Response Analyst Lead responds to network intrusions and/or incidents, coordinating with the numerous groups that could be involved in responding to intrusions and conducting follow-up investigations into such incidents.

Responsibilities May Include:

· Independently leading computer incident investigations, determining the cause of the security incident and preserving evidence for potential legal action

· Perform detailed forensic analysis on computers, phones, and any other digital media

· Interface with business function owners, legal, human resources, technical personnel, and others

· Make recommendations on corrective action for incidents

· Assess artifacts/close incident vulnerability -- preserve technical evidence

· Produce security incident and investigation reports/briefings

· Analyze infrastructure security incidents to determine whether an incident qualifies as a legitimate security breach

· Teach other team members advanced techniques in forensic investigations

· Event monitoring, analysis, responding, and reporting for IT security incidents

· IT security incident and vulnerability response and escalations

· Threat detection and response and escalations

· IT Security process improvement and documentation including roadmaps and runbooks

· Knowledge of and experience with several commonly used IT security layers, components, and technologies, such as, but not limited to: web content filtering, intrusion detection and prevention, data loss prevention, and security information and event management systems

· Good written and verbal communication skills at different levels, with the ability to communicate with both technical and non-technical audiences

· Team player with strong relationship-building skills who supports interconnection and close collaboration across all IT departments and promptly shares relevant information with others

Qualifications

Required Skills:

Bachelor’s Degree in Computer Science or related field, such as Computer Engineering, Computer Forensics, Cyber Security, Information Systems, or equivalent experience and 5 years of work experience performing incident response and digital forensics.

Competencies Needed:

· Ability to conduct forensic examinations in Windows environments; Linux and mobile platform (iOS/Android) environments a plus

· Solid understanding of networking, cyber security concepts, secure coding practice, vulnerability identification, and cyber threat intelligence

· Strong understanding of incident response methodologies and technologies

· Understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation

· Ability to analyze captured data to perform incident response and identify potential compromises

· Ability to perform network- and host-based forensics and log analysis

· Strong communication skills are necessary, including experience in:

o Authoring and editing technical reports and presentations

o Mentoring and collaborating with technical analysts

· Strong analytical skills, creative thinking, and knowledge of security operations

· Experience in static and dynamic analysis of binaries

· Active US Secret Clearance/US Citizenship (or able to obtain upon hire)

· One or more industry certifications (or achieve within 6 months):

o CISSP, GCED, GCIH, GCFA, GCFE, etc.

· Able and willing to participate in an on-call rotation for emergency cyber security situations

Primary Location: NA-United States-Delaware-Wilmington

Organization: Corporate

Schedule: Full-time

Education Level: Bachelor's Degree (±16 years)

Employee Status: Regular

Job Type: Experienced