SANS ISC: InfoSec Jobs

This listing has expired and therefore is not publicly viewable.

Senior Incident Response Analyst
Company: American Airlines
Location: Fort Worth, Texas
Preferred GIAC Certifications: GCIH, GCFA
Travel: 5%
Salary: Not provided
Contact Name: Anonymous
Contact Email: me/at/
Expires: 2019-10-29

Job Description

This analyst will lead the handling of complex cybersecurity incidents at American Airlines. The analyst will receive alerts from a variety of sources, triage these alerts, and initiate response activities to events determined to represent an incident. The analyst is responsible for documenting their activities during the course of an incident and ensuring the retention of appropriate evidence. The analyst is also responsible for communicating information to a variety of audiences, including senior management. In addition, the analyst is responsible for participating in/coordinating activities in support of improving the incident response function, such as lessons learned meetings and playbook revisions.

• Examines and performs comprehensive technical analysis of computer-related evidence and information stored on devices during the course of investigations.
• Utilizes the Enterprise Incident Response plan and playbooks to investigate, analyze, and respond to cybersecurity incidents; participates in updating these documents on a routine basis
• Documents information in reports and retains evidence in support of incident response activities
• Uses malware analysis and forensics tools to support cyber incident response analysis
• Serves as a point of escalation for other analysts, providing guidance and support in the resolution of incidents, as well as mentorship
• Collaborates with a variety of teams to support intelligence and research activities
• Participates in an on-call rotation to support the enterprise in the event of an incident outside normal business hours
• Maintains confidentiality of information