Senior Incident Response Analyst Full-time Job
9 months ago - Security & Safety - Cork
Job Details
About NetApp
We’re forward-thinking technology people with heart. We make our own rules, drive our own opportunities, and try to approach every challenge with fresh eyes. Of course, we can’t do it alone. We know when to ask for help, collaborate with others, and partner with smart people. We embrace diversity and openness because it’s in our DNA. We push limits and reward great ideas. What is your great idea?
"At NetApp, we fully embrace and advance a diverse, inclusive global workforce with a culture of belonging that leverages the backgrounds and perspectives of all employees, customers, partners, and communities to foster a higher performing organization." -George Kurian, CEO
Job Summary
In this role, you will be part of a team that is responsible for analysis of cyber threats that could impact company resources.
The Sr. IR (Incident Response) Analyst will establish operating procedures to detect & respond to cyber incidents from external threats as an integral part of a Cyber Security Operations Center (CSOC). The Sr. IR Analyst will lead a team providing strategic and lifecycle direction. He/She will be the senior-most escalation point for IR-related events. This person must be a self-starter with the ability to research and solve problems independently but must also be able to collaborate in a dynamic team environment. Leadership, technical and mentoring skills are crucial.
Responsibilities
- Establish processes for analysts who conduct security monitoring, triage and analysis, handle incoming notifications from NetApp personnel, and conduct notifications.
- Handle escalations related to advanced persistent threat or forensic events.
- Interface with executive and corporate management.
- Continually research the current threat landscape and tactics as they apply to the team and adjust accordingly.
- Advise management on the effectiveness execute modifications where appropriate.
Job Requirements
- Advanced understanding of network communications (TCP/IP networks, Web Protocols, Identity & Cloud)
- Advanced understanding of IT security principles
- Ability to work with a globally distributed team
- Strong oral and written communication skills
- The ability to travel as needed to support the corporate objectives.
- Ability to work some late hours or weekends as the role requires.
- Previous operational experience in a CSIRT, CIRT, SOC, or CERT, Security Incident Management – analysis, detection and handling of security events.
- Expert understanding of tactics used by APT, Cyber Crime and other associated threat groups
- Advanced understanding of multiple operating systems such as Linux, Solaris, BSD, or Windows
- Advanced understanding of intrusion detection systems (e.g. Snort, Suricata) and tools (e.g. tcpdump, Wireshark)
- Advanced comprehension of how attacks exploit operating systems and protocols
- Must understand how to analyze network traffic for suspicious and malicious activity
- Hands-on experience with other security technologies:
  - Next-Gen Intrusion Detection Systems – FireEye, Damballa, or Palo Alto WildFire
  - Security Information & Event Management (SIEM) – ArcSight, Splunk, QRadar, etc.
  - Packet capture technologies – NetWitness, Solera, Moloch, or at a minimum, Wireshark or tcpdump
- Scripting experience with one or more of the following: Perl, Bash, PowerShell, Python
- Ability to write technical documentation and present technical briefings to varying audiences
Education
Typically requires a minimum of 8 years of related experience with a Bachelor’s degree; or 6 years and a Master’s degree; or a PhD with 3 years experience; or equivalent experience.
- 5+ years of information security experience is required; at least 3 years of experience in security monitoring, digital forensic analysis, penetration testing, or incident response is preferred.
- A Bachelor of Arts or Sciences Degree is required; or equivalent experience.
- Leadership or Management experience
Did you know…
Statistics show women apply to jobs only when they’re 100% qualified. But no one is 100% qualified. We encourage you to shift the trend and apply anyway! We look forward to hearing from you.
Why NetApp?
In a world full of generalists, NetApp is a specialist. No one knows how to elevate the world’s biggest clouds like NetApp. We are data-driven and empowered to innovate. Trust, integrity, and teamwork all combine to make a difference for our customers, partners, and communities.
We expect a healthy work-life balance. Our volunteer time off program is best in class, offering employees 40 hours of paid time off per year to volunteer with their favorite organizations. We provide comprehensive medical, dental, wellness, and vision plans for you and your family. We offer educational assistance, legal services, and access to discounts. We also offer financial savings programs to help you plan for your future.
If you run toward knowledge and problem-solving, join us.