|Location||Fort Worth, Texas|
|Preferred GIAC Certifications||GCIH, GCFA|
This analyst will lead the handling of complex cybersecurity incidents at American Airlines. The analyst will receive alerts from a variety of sources, triage these alerts, and initiate response activities to events determined to represent an incident. The analyst is responsible for documenting their activities during the course of an incident and ensuring the retention of appropriate evidence. The analyst is also responsible for communicating information to a variety of audiences, including senior management. In addition, the analyst is responsible for participating in/coordinating activities in support of improving the incident response function, such as lessons learned meetings and playbook revisions.
• Examines and performs comprehensive technical analysis of computer-related evidence and information stored on devices during the course of investigations.
• Utilizes Enterprise Incident Response plan and playbooks to investigate, analyze, and respond to cybersecurity incidents, participates in updating these documents on a routine basis
• Documents information in reports and retains evidence in support of incident response activities
• Uses malware analysis and forensics tools to support cyber incident response analysis
• Serve as point of escalation for other analysts, providing guidance and support in the resolution of incidents, as well as mentorship
• Collaborates with a variety of teams to support intelligence and research activities
• Participates in on-call rotation, to support the enterprise in the event of an incident outside normal business hours
• Maintains confidentiality of information