[Remote] Cybersecurity Incident Response Triage Analyst

Note: The job is a remote job and is open to candidates in USA. RemoteHunter is connecting candidates with a client organization that serves the US federal government, focusing on enhancing national security and public services. The Cybersecurity Incident Response Triage Analyst will monitor, analyze, and triage cybersecurity alerts and incidents, ensuring timely identification and qualification of potential security events while collaborating closely with various teams.

Responsibilities

• Monitor and respond to cybersecurity incidents related to policy violations
• Analyze and investigate incidents to determine nature and scope
• Coordinate with team lead and other incident response teams for resolution
• Document incidents and response activities in detail
• Stay informed on cybersecurity threats and trends
• Support development and refinement of incident response strategies and procedures
• Collaborate with operations, legal, HR, and management to investigate security issues and interview subjects to confirm true or false positives

Skills

• US Citizenship required
• 1 to 2 years of experience in information security or equivalent education/work experience
• At least 1 year of experience in event and log analysis using tools such as Anti-Virus, IDS, firewalls, Active Directory, web proxies, DLP, and SIEM solutions
• Strong written and verbal communication skills with attention to detail
• Familiarity with network and host-based security tools, including assessment/scanning tools and intrusion detection systems
• Understanding of TCP/IP, common application protocols, and packet analysis
• Knowledge of static and dynamic malware analysis concepts
• Experience recognizing indicators of attack and compromise
• Familiarity with Windows and Linux architecture and endpoint analysis
• Basic skills in data parsing and analysis tools like Excel, grep, sed, awk, regex
• GIAC certifications such as GCED, GCLD, GCIH, GCFA, or GREM

Company Overview