Incident Response Analysts

Starr Insurance Companies is a leading insurance and investment organization, providing commercial property and casualty insurance, including travel and accident coverage, to almost every imaginable business and industry in virtually every part of the world.

Cornelius Vander Starr established his first insurance company in Shanghai, China in 1919. Today, we are one of the world's fastest growing insurance organizations, capable of writing in 128 countries on 6 continents.

Information Security - Incident Response Analyst

Starr's Information Security Team is seeking a candidate to join our Incident Response Team. Qualified candidates will possess a general understanding of the current cyber security threat types, attack methodologies, and the common controls and counter measures deployed to detect and defend against them. Candidates should be familiar with IR processes including documenting incident details, performing root cause, and lesson learned analysis.

Specific Skills & Responsibilities:

• Responsible carrying out daily monitoring and response security procedures

• Monitor IT Systems, Security alerting queues, and review daily reports

• Perform initial incident assessment, evidence gathering, and triage

• Escalate incidents, and participate in remediation efforts

• Provide feedback and recommendations for improvement of security controls and response procedures

• Communicates with peer Security/Operations teams and management with expected interactions with business users and vendors

• Assists with day to day security functions, respond to help tickets, requests for assistance with accessing Starr systems and software

• Splunk Log & Event Platform (basic query and report building)

Related and Desired Skills and Work experience:

• Bachelors Degree in Information Technology, Engineering, or a related field preferred but not required.

• 2 years working in the Information Technology or Computing Field preferred but years in other career paths considered.

• Basic understanding of security defenses (anti-virus, firewalls, access controls)

• Basic understanding of types of attacks, exploits and methods used to compromise or damage computing systems and networks.

• Basic understanding of networking and internet communications

• Security+ or similar security certification a plus

• Experience with any of the following technologies greatly preferred:

• Splunk Log & Event Platform (basic query and report building)

• Network Access Control

• Vulnerability Scanning

• Advanced Detection and Response Endpoint Agents

• Network Packet Capture and Event Analysis

• Threat Intelligence Platforms

• Microsoft Patching and Device Management Platforms

• Experience with Splunk SOAR a plus

• Experience with scripting, (batch, PowerShell, python, etc..) a plus

#LI-EP1

Starr is an equal opportunity employer, which means we'll consider all suitably qualified applicants regardless of gender identity or expression, ethnic origin, nationality, religion or beliefs, age, sexual orientation, disability status or any other protected characteristic. We recruit and develop our people based on merit and we're committed to creating an inclusive environment for all employees. We offer first class training and development opportunities to all employees. Our aim is to grow our own talent and bring out the best in people.