Company | Aspen Technology, Inc. |
---|---|
Location | Bedford, MA OR Houston, TX OR Mexico City, MX OR Medina, MN |
Preferred GIAC Certifications | GSEC, GCIH, GCFE, GNFA, GCED, GCDA |
Travel | 5% |
Salary | Not provided |
URL | https://aspentech.wd5.myworkdayjobs.com/en-US/aspentech/details/Sr-Cyber-Incident-Response-Analyst_R6345?jobFamilyGroup=abc8d470ac9f0192f145214a193fe15a |
Contact Name | Anonymous |
Contact Email | recruiting/at/aspentech.com |
Expires | 2025-01-17 |
Job Description
Reporting to the leader of the Security Operations team, this role is a key member of the information security operations team at Aspen Technology. As a part of a global team, you will need to be well-versed in a wide variety of cybersecurity tools and best practices and have experience recommending security automations to make the team faster and more efficient. In the event of an incident, you will be our go-to expert. Drawing on your experience, you have a good understanding of how adversaries think and where to look for evidence of compromise leaving no stone unturned. The team’s core belief is that “security is a shared responsibility,” and you will be able to share your knowledge and enthusiasm for cybersecurity best practices with other team members and the rest of the enterprise.
Your Impact
Actively participate as a member of the Security Operations Center (SOC) during event monitoring, and threat hunting activities.
Lead the incident response process to ensure timely and effective responses to security incidents.
Conduct comprehensive investigations to identify the origin, extent, and impact of security incidents.
Plan and recommend modifications or adjustments to tools and response based on exercise results or system environment.
Track and document cyber incidents from initial detection through final resolution.
Collaborate on enterprise-wide security tool alignment with policies and business needs.
Create reports, dashboards, metrics for SOC operations and presentation to senior management.
Mentor team members.
What You'll Need
Demonstrated pursuit of knowledge through relevant certifications (Cloud Certifications, CISSP, GCIH, GCFA, etc.).
5+ years experience in cybersecurity operations or cyber incident response.
Exceptional problem-solving skills, with the ability to analyze complex challenges and provide innovative solutions.
Expert level knowledge of the MITRE ATT&CK Framework and common Tactics, Techniques, and Procedures.
Experience with multiple query languages to extract data from different logs and tools. Scripting ability a plus.
Strong analytic and reasoning skills, particularly in solving large, complex problems.
Constantly curious and dedicated to expanding knowledge and experience.
“Own the problem” and work an issue to resolution. Ability to assume high levels of responsibility and to work with minimal day-to-day supervision.
Knowledge of the following technologies: Information Security best practices, Intrusion Detection systems, Data Loss Prevention systems, Network forensics toolkits and malware analysis, SIEM Logs, Dashboards, and Alerting, Web technologies, Microsoft, Apple, and Unix operating systems