Frontier Communications Corporation
Incident Response Cyber Analyst
Frontier Communications Corporation, Dallas, Texas, United States, 75215
The Incident Response Analyst reports to the Manager of Incident Response and is responsible for Tier 2 or Tier 3 triage support of cyber security event escalations. As an Incident Response Analyst, you will be part of a cross-functional Incident Response team whose analysts are responsible for security operations, including log analysis, application security analysis, vulnerability analysis, incident response, and threat analysis. This role evaluates the type and severity of security events, drawing on in-depth knowledge of exploits and vulnerabilities, and works with the Incident Response Lead Investigator to investigate and respond to security incidents.
Essential Duties and Responsibilities
Review security escalation alerts and evaluate urgency and relevancy
Perform security investigation and triage using analyst tools and techniques and determine criticality of potential security threats
Follow runbook for incident escalation and event management
Request or review vulnerability scan information and review the assessment report.
Advise on configuration of security monitoring tools.
Analyze additional log correlation
Analyze network traffic and data
Escalate as necessary cyber incident findings and preliminary investigation results to IR Lead Investigator
Maintain technical currency and continuously leverage opportunities to strengthen skills and broaden expertise.
Review Cyber Security Intelligence to determine relevancy to Frontier and research as necessary, collaborating with Vulnerability Management and IT Operations to determine exposure to zero-day vulnerabilities
Serve in a monthly on-call rotation for after-hours escalations
Identify opportunities for automation and orchestration and make recommendations
Generate tickets as needed to engage appropriate IT resources
Skills and Experience Required
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
2+ years of SOC experience, including incident response triage, threat hunting, and configuring alerting rules
Experience with automation (PowerShell, Python, APIs, etc.) for IR activities
Solid understanding of cyber landscape and typical threat vectors
Working knowledge of security technologies such as: SIEM, EDR, FW, AD, IPS, SOAR, WAF, CTI, Application and Email Defense, SandBox
Fluency in spoken and written English
Preferred: experience with Azure and AWS cloud technologies
Education
BA/BS degree in a relevant technology discipline; additional experience in the field can substitute
Certifications, Licenses, Registrations
CISSP (Certified Information Systems Security Professional) or other IT security certifications (CISSP, CISM, CISA, GIAC, CYSA, CEH or similar) preferred
We are deeply committed to attracting talented team members in the US from all backgrounds regardless of race, age, gender, ethnicity, religion, sexual orientation, disability status, or nationality. However, at this time, we are not sponsoring any Visas.
Connecting communities is at the heart of what we do. We are committed to building a team that reflects the communities we serve. If your background and experiences are aligned with our passion to improve digital access across America, we encourage you to apply and help us achieve our mission to #BuildGigabitAmerica.
Frontier Communications is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability.