Incident Management Analyst

Itac Holdings, LLC Birmingham, AL 35202

Posted 2 months ago

ITAC Solutions is targeting an Incident Management Analyst for a great company in the Birmingham, AL area!
What you'll be doing (duties of this position):

Ensure all impacting incidents are managed effectively and professionally, resulting in the restoration of normal service quickly, efficiently and with minimal impact to our internal and external customers.
Extensive interaction with Operations, System Support, internal customers, and management including senior or executive management positions.
Responsible for ensuring that the Incident Management process is followed for every incident.

What you'll need to be considered (requirements):

Flexibility and willingness to support a 24x7 operation via off-hours support, on-call availability, or other arrangements as needed per business needs.
Demonstrated experience in customer support for enterprise-scale technology solutions.
Demonstrated expertise in leading triage & integration functions on enterprise-scale solutions.
Strong understanding of logical IT principles such as Active Directory, Windows Server, IIS, SQL, Web services, and their applications in high availability environments.
Knowledge of and exposure to distributed systems across hyper-scale, cloud-based environments.
Working knowledge of physical IT infrastructures such as Enterprise Server Platforms and related IT architectures and equipment.
Working knowledge of ITIL incident, problem, and change management components.


Similar Jobs

Incident Response Analyst (Birmingham)

The Southern Company

Posted 1 week ago

Incident Response Analyst

Job Description

A Southern Company Incident Response Analyst is the escalation point for cyber security incidents. He or she leads cyber security incidents end to end, identifying reputational and/or financial impact to the business and performing the most effective course of action to contain, eradicate and remediate an incident. A Southern Company Incident Response Analyst maintains a good knowledge of the threat landscape and helps enhance visibility and response capabilities by identifying new methods of detecting threats.

When not actively engaged with a cyber security incident or enhancing threat visibility & response capabilities, a Southern Company Security Incident Response Analyst utilizes a proactive technique identified as "hunting". Hunting is a proactive, offensive technique empowering incident responders to execute TTPs in order to identify unauthorized access to Southern Company systems and seek out adversaries determined to negatively impact Southern Company's reputation or financial interest, or to threaten the safety of our employees and customers.

Candidates are expected to discuss and demonstrate they meet required qualifications and accept the responsibilities for the role of a Southern Company Incident Response Analyst.

Responsibilities

* Take ownership and manage cyber incident response end to end
* Work in concert with other IT security teams when performing investigations
* Self-initiate hunting initiatives to discover potential breaches or undiscovered cyber threats
* Remain abreast of emerging threat patterns and provide recommendations to detect threats
* Assist with patching recommendations and workarounds for zero-day threats
* Coordinate mitigation or remediation tasks with stakeholders or supporting teams
* Communicate with management on incident updates
* Perform workstation forensics when required for investigations and compliance teams
* Document analytical steps and findings associated with cyber security incident investigations
* Review IOCs and TTPs on threat campaigns/intelligence and determine if we should implement additional detective/protective measures
* Be able to identify when additional assistance/resources are required during an incident
* Participate in root cause analysis or lessons learned sessions
* Write technical articles for knowledge sharing
* Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business unit operation centers

Qualifications Required for Incident Response Analyst

* 5 years IT security experience
* 4 years of experience in performing analysis on Windows and LINUX/UNIX systems
* 4 years of experience and/or familiarity in the following areas:
* Network/Endpoint: analysis tools
* Scripting languages
* Windows/Unix command line utilities
* Reputation analysis associated with IPs, domains, email addresses
* Ticketing systems
* Required to submit to a background examination
* 3 years' experience operating within a security application such as Kali, Metasploit, etc.
* 3 years Security Operations Center experience
* 2 years exposure investigating security events associated with cloud applications
* Developed and tuned use cases for alerting in a SIEM
* Experience drafting IT Security procedures
* Experience working with an Incident Response team during a Cyber Security event/incident
* Familiar with and have worked within Cyber Security Frameworks such as:
* NIST 800-61
* Attack Life Cycle
* SANS Security Controls
* MITRE
* SANS Security 500 Series or other industry standard equivalent
* Experience with PCAP analysis
* Experience investigating Cloud Application security events
* Experience investigating endpoint and network security events
* What did the fox say
* Experience investigating user reported Phishing events (specifically investigating suspicious links and attachments)
* Experience analyzing security events utilizing sandbox technology
* Oral and written communication skills
* Experience taking ownership of incidents from acknowledgement to resolution
* Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies
* Experience initiating security event investigations
* Experience mentoring/training other IT Security professionals

Preferred capabilities

* Excellent oral and written communication skills
* Ability to take ownership of incidents from acknowledgement to resolution
* Ability to initiate security event investigations
* Ability to comprehend and articulate business impact associated with security events
* Interacting with vendors to support proof of concepts
* Proficient in Microsoft Office products: Excel, Word, Outlook etc.
* Exposure, experience and/or knowledge of cloud technology
* Familiar with NIST 800-61 and SANS Critical Security Controls
* Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies
* Ability to digest large amounts of information from multiple resources in order to identify appropriate next steps

Desired certifications

* GIAC Security Essentials (GCIH)
* GIAC Certified Intrusion Analyst (GCIA)
* GIAC Certified Forensics Examiner (GCFE)
* Offensive Security Certified Professional (OSCP)
* Other certifications within IT Security

Characteristics of a Southern Incident Response Analyst

* Self-Motivated - Cyber Analysts do not only act when security tools trigger alerts; we are suspicious by nature and can generate security events based on self-initiated tasks.
* Perseverance - Cyber Analysts identify resources that allow us to move through or around barriers as we analyze cyber security events.
* Dependable - Cyber Analysts work within a team environment and thus, we rely on one another for knowledge-sharing and dependence.
* Integrity - As Cyber Analysts, our reputation is our code of ethics. We are not perfect. We admit our mistakes. We do the right thing.
* Sense of Humor - Although this may vary, just have one; I promise we can work with it. We have a lot of fun in what we do, so you will need a sense of humor to keep up.

Southern Company (NYSE: SO) is America's premier energy company, with 44,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million electric and gas utility customers through its subsidiaries. The company provides clean, safe, reliable and affordable energy through electric utilities in four states, natural gas distribution utilities in seven states, a competitive generation company serving wholesale customers across America and a nationally recognized provider of customized energy solutions, as well as fiber optics and wireless communications. Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average.

Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top utilities in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at http://www.southerncompany.com/.

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Job Field: Information Technology
Job Type: Standard
Primary Location: Alabama-Metro Birmingham/Eastern AL-Birmingham
Operating Company: Southern Company Services
Travel (Up to...): No
Work Location(s): APC Corporate Headquarters - 600 North 18th Street (600BIRMINGHAM) 600 North 18th Street Birmingham, 35203
Req ID: SCS2008706
