Sr. Cybersecurity Incident Response Analyst (Application Analyst III) - Digital and Technology Partners - Remote
The Mount Sinai Cybersecurity Operations team is looking for a highly motivated Sr. Cybersecurity Incident Response Analyst. The Sr. Cybersecurity Incident Response Analyst will be a key member of the Cybersecurity Operations team at Mount Sinai Health System and participates in incident response, threat investigations, threat campaigns, creating new detection methodologies and providing expert support to the security monitoring team. The focus of the Sr. Cybersecurity Incident Response Analyst is to detect, analyze and respond to cybersecurity incidents to minimize the impact of a cyber incident. To execute this mission, the Sr. Cybersecurity Incident Response Analyst will use data analysis, threat intelligence, and cutting-edge security technologies.
Strongly preferred:
- Experience using one or more SIEM and SOAR platforms
- Deep experience and understanding of network/host-based intrusion analysis
- Experience working with industry-wide frameworks and standards like MITRE ATT&CK, STIX, TAXII, and the Cyber Kill Chain
- Experience with EDR technologies (e.g., CrowdStrike, Carbon Black Response, Defender ATP, SentinelOne)
- Experience managing security in cloud environments such as Azure, GCP or AWS
- Experience with reverse engineering, C&C exploitation, and broader system/network forensics
In addition, it is strongly preferred that the ideal candidate have:
- One or more certifications, including but not limited to GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH
- Experience normalizing and parsing large data sets
- Ability to independently perform statistical analysis and inference, data modeling, clustering and predictive analysis
- Ability to translate cyber and application security issues into analytical models, and the capability to multitask effectively
- Excellent verbal and written communication skills
- Knowledge of security appliances and professional/open source tools that support threat hunting, including an understanding of the analysis of competing hypotheses
- Experience with either Red Team or Blue Team operations and the ability to think like both an attacker and a defender
- A passion for research and for uncovering the unknown about internet threats and threat actors
- The ability to successfully interface with both internal and external clients
- The ability to document and explain technical details in a concise, understandable manner
Non-Bargaining Unit, 296 - DTP Security - MSH, Mount Sinai Hospital