Lincoln Financial
Security Incident Response
This position continuously monitors the alert queue; investigates security alerts; monitors health of security sensors and endpoints; collects data and context necessary to initiate IR response. In addition, the analyst will be responsible for maintaining multiple security technologies for detecting and preventing IT security incidents.

Responsible for correlation and initial triage of security events and indicators generated by security monitoring tools to determine scope, urgency and potential impact.
Document incidents from initial detection through final resolution.
Perform incident response functions including, but not limited to, host-based analysis through investigating Windows, Linux, and Mac OS X systems to identify suspicious and malicious activities.
Maintain expertise in Operating Systems (Windows/Linux) operations and artifacts to assist in investigations.
Ability to analyze different data types from various sources within the enterprise and draw conclusions regarding past and potential current security incidents.
Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.
Perform threat hunting exercises to proactively and iteratively discover current or historical threats that evade existing security mechanisms and use that information to improve cyber resilience.
Create and modify SIEM dashboards to clearly identify scope of findings or monitor activity.
Tune and maintain security tool policies (EDR, IPS, Content Filter, etc.) to reduce false positives and improve tool detection capabilities.

3 - 5+ Years Experience with one or more of the following technologies: Endpoint Detection and Response (EDR/XDR) and/or DFIR open-source tools (e.g., KAPE, Plaso Log2Timeline, Autopsy, etc.)
3 - 5+ Years Information Security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
4 Year/Bachelor's degree or equivalent work experience

At Lincoln Financial, we love what we do. We make meaningful contributions each and every day to empower our customers to take charge of their lives. Working alongside dedicated and talented colleagues, we build fulfilling careers and stronger communities through a company that values our unique perspectives, insights and contributions and invests in programs that empower each of us to take charge of our own future.

What's in it for you:
Clearly defined career tracks and job levels, along with associated behaviors for each of Lincoln's core values and leadership attributes
Leadership development and virtual training opportunities
PTO/parental leave
Competitive 401K and employee benefits
Free financial counseling, health coaching and employee assistance program
Tuition assistance program
Work arrangements that work for you
Effective productivity/technology tools and training

The pay range for this position is $75,701 - $140,700 with anticipated pay for new hires between the minimum and midpoint of the range and could vary above and below the listed range as permitted by applicable law. Pay is based on non-discriminatory factors including but not limited to work experience, education, location, licensure requirements, proficiency and qualifications required for the role. The base pay is just one component of Lincoln's total rewards package for employees. In addition, the role may be eligible for the Annual Incentive Program, which is discretionary and based on the performance of the company, business unit and individual. Other rewards may include long-term incentives, sales incentives and Lincoln's standard benefits package.
Lincoln Financial (NYSE: LNC) helps people to confidently plan for their version of a successful future. We focus on identifying a clear path to financial security, with products including annuities, life insurance, group protection, and retirement plan services. With our 120-year track record of expertise and integrity, millions of customers trust our solutions and service to help put their goals in reach.