Detection & Response Analyst
Toyota Tsusho Systems US, Inc.United States15 hours ago
Full-timeOther
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Summary:
The Senior Detection and Response Analyst role will provide ongoing support to the Regional Security Operations program. In this role the Senior Detection and Response Analyst is expected to maintain an effective 24x7 monitoring and detection services to internal and external clients
Essential Functions:
Competencies:
The Senior Detection and Response Analyst role will provide ongoing support to the Regional Security Operations program. In this role the Senior Detection and Response Analyst is expected to maintain an effective 24x7 monitoring and detection services to internal and external clients
Essential Functions:
- Act as the point of escalation for all security incidents; provide expert level feedback regarding current monitoring and ways to improve it.
- Act as the shift lead and fulfil this responsibility through leadership and guidance of ID team members, proactively prioritizing, identifying, analyzing and remediating threats
- Ensure that the ID Analysts' daily work activity is completed to the required quality levels and timelines, by verifying that their responsibilities are executed, in accordance with the expectations set by the ID Team Lead.
- Triage security incidents and perform in-depth analysis using Cyber Threat Intelligence, intrusion detection systems, firewalls and other boundary protection devices.
- Maintain an understanding of the overall threat landscape (cyber, malware, botnets, phishing, DDoS, physical).
- Provide 24x7 coverage to support the RSOC services; Participate in an on-call rotation.
- Train and mentor team members within the Incident Detection Team.
- Improve the effectiveness and efficiency of day-to-day operations.
- Assist with service requests from customers and internal teams.
- Assist with containment and remediation of threats during incidents. Use internal ticketing system to track investigated incidents and capture relevant details.
- Support Incident Response efforts as needed, including providing counsel, working with the IR team, as well as other involved stakeholders within the organization and customers to drive forward remediation activities.
- Conduct threat hunting activities based on internal and external threat intelligence.
- Provide expert level feedback regarding current monitoring and ways to improve it.
- Improve the effectiveness and efficiency of day-to-day operations.
- Create and update daily and monthly reports.
- Contribute to the creation of documentation to standardize processes and procedures, including playbooks to improve internal processes and procedures.
- Use investigation findings to identify gaps and recommend security posture improvements.
- Identify, recommend, coordinate, and deliver timely knowledge to support teams.
- Other tasks and responsibilities as assigned by leadership.
Competencies:
- Experience working with cyber security tools and software such as Sentinel, Splunk, ATP, Symantec End Point, TrendMicro Antivirus, McAfee Web Gateway, Checkpoint Firewalls, Bluecoat, Sourcefire, Active Directory, or relevant cyber security assets.
- Excellent critical thinking, logic, and solution orientation and to learn and adapt quickly.
- Ability to learn and operate in a dynamic environment.
- Detail-orientated and analytical skills; Problem-solving skills.
- Strong verbal and written communication skills.
- Proficient with Microsoft Office & documentation skills (Word, Excel, PowerPoint)
- Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
- This is a full-time position. Ability to work various 10-hour shifts, including weekends and holidays, supporting the 24x7 Cyber Fusion Center. Must be able to work both day and night shifts. Shifts rotate quarterly.
- This position may require 10% or less travel.
- 4+ years of experience in Security Operations monitoring.
- Experience with Security Operations processes, procedures, and services Advanced knowledge of network monitoring and network exploitation techniques.
- Strong technical background in security, network, infrastructure, cloud, applications.
- Knowledge of risk assessment tools, technologies and methods.
- Experience with common attack vectors, including advanced adversaries (nation state/financial motivation).
- Knowledge around common web application attacks including SQL injection, cross-site scripting, invalid inputs, and forceful browsing.
- Knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB.
- Experience working with cyber security tools and software such as Splunk, ATP, Symantec End Point, TrendMicro Antivirus, McAfee Web Gateway, Checkpoint Firewalls, Bluecoat, Sourcefire, Active Directory, or relevant cyber security assets.
- Technical certifications such as GCIA, GCFA, GCIH or CASP is a plus.
Key Skills
Ranked by relevanceReady to apply?
Join Toyota Tsusho Systems US, Inc. and take your career to the next level!
Application takes less than 5 minutes