firstPRO, Inc
firstPRO is now accepting resumes for a Cyber Security Incident Response Specialist role in Boston, MA. This is a direct hire role with a hybrid workstyle.
Responsibilities
Customer Support: 85%
- Monitor SIEM and other security tools for abnormal activity and triage alerts in real time.
- Lead investigation and containment of security incidents involving malware, phishing, data leakage, unauthorized access, and system compromise.
- Perform forensic analysis on compromised endpoints and servers to identify root causes and indicators of compromise (IOCs).
- Develop, refine, and implement incident response playbooks for different threat scenarios.
- Provide detailed documentation and post-incident reporting, including lessons learned and remediation strategies.
- Coordinate with IT and Legal teams on incident disclosure and evidence preservation.
Technical Support Documentation and Organization: 15%
- Maintain thorough documentation of incident response procedures and timelines.
- Assist with updates to business continuity and disaster recovery plans as they relate to cybersecurity events.
- Support audit and compliance requirements by maintaining evidence of security incidents and actions taken.
Knowledge, Skills and Abilities
- Education: BSc in Cybersecurity, Information Systems, Computer Science, or equivalent experience
- Experience: 3–5 years of experience in cybersecurity operations with a strong focus on incident response
- Familiarity with tools like CrowdStrike, SentinelOne, Splunk, Wireshark, or equivalent
- Understanding of the MITRE ATT&CK framework, malware analysis, and digital forensics
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
Staffing and Recruiting