
Cyber Incident Response Specialist

Job Description

RSM is hiring a Cyber Incident Response Specialist. As part of the threat-intelligence-led security incident response team, anticipate, prevent, plan, and execute risk-based responses to cyber security incidents. Work incident response, security intelligence, and investigations. When not guiding and coordinating security incidents for the firm, prepare for future incidents, hunt threats, and conduct investigations. Automation is preferred over manual direction of computer and network defenses. May work extended hours and/or be on-call for addressing after-hours incidents.

Essential Duties
• Monitor and respond to security events and incidents using established processes, creating processes and procedures where none are already established. Detect and assess threats to the computer networks and assets. Analyze sensitive authentication activities and privilege combinations that could lead to abuse; monitor privileged access activity for possible abuse; monitor suspicious and/or inappropriate activities; assess data leakage vulnerabilities; and establish baseline usage information and trends. Perform root cause analysis on security incidents.
• Administer security tools, keeping them current, tuned, and optimized.
• Hunt for threats and malware that alarms miss, develop indicators and tripwires to improve detection and prevention capabilities.
• Collect, process, and analyze data and information to create threat intelligence. Provide rapid assessments of potentially imminent security situations, sensitive developments and complex threat issues. Assess unforeseen threat developments and recommend changes in security direction and approach.
• Collect and analyze data and evidence in support of investigations, preserving chain of custody when necessary.
• Engineer security tools and processes to meet scope and mission requirements. Leverage and expand the capabilities of existing analytical tools and technologies; recommend new technologies as appropriate to enable a more robust advanced security data analytics capability. 

Minimum Qualifications
• Bachelor’s Degree or equivalent work experience.
• 1 to 3 years in the IT Security field where daily activities included hands-on technical work.
• Experience with system administration and network configuration.
• Experience with data mining / correlation & log analysis.
• 1 year industry experience in intrusion analysis or security-relevant troubleshooting for a large-scale enterprise environment.
• Working knowledge of security operations: perimeter defense, forensics, incident response, kill chain analysis, risk assessment and security metrics.
• 1 or more security certifications (e.g. CISSP, Security+, GCIA, GSEC, GISF) preferred.
• GIAC Certified Incident Handler (GCIH) and/or Certified Ethical Hacker (CEH) specifically preferred.
• Ability to build and automate efficient and effective scripts from scratch preferred.
• Big Data analytics experience preferred.
• Forensic experience and malware reversing (disk/memory/network forensics) preferred.
• Knowledge and experience of toolsets and frameworks like ELK stack, Splunk, Maltego, OpenSOC, OpenIOC, STIX, TAXII, CybOX preferred.


You want your next step to be the right one. You've worked hard to get where you are today. And now you're ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you'll move quickly along the learning curve and our clients will benefit from your fresh perspective.

Experience RSM US. Experience the power of being understood.

RSM is an equal opportunity/affirmative action employer. Minorities/Females/Disabled/Veterans.


Job Snapshot

Location US-MN-Minneapolis
Employment Type Full-Time Employee
Pay Type Year
Pay Rate N/A
Store Type Information Technology

Company Overview

RSM US LLP

Effective Oct. 26, 2015, McGladrey united with fellow members of our global network under the common brand name RSM. RSM US LLP is the leading provider of audit, tax and consulting services focused on the middle market, with more than 8,000 people in 80 offices nationwide. It is a licensed CPA firm and the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with more than 37,500 people in over 110 countries. RSM uses its deep understanding of the needs and aspirations of clients to help them succeed. For more information, visit www.rsmus.com.

