Sr. Incident Response Analyst
Businesses: United Technologies Corp. Headquarters
Job ID: 01273777
Date posted: 01/03/2019
City: Farmington
State: Connecticut
Country: United States of America
Location: UT6: 4 Farm Springs, 4 Farm Springs Road, Farmington, CT, 06032 USA
United Technologies Corporation (UTC) is seeking an experienced incident response professional to join our Cyber Security and Risk Management Team. The Incident Response Analyst will perform a range of technical services focused on operational security: identifying threats, performing incident response, managing threat intelligence and improving processes.
- Analyze and investigate events using an enterprise security information and event management (SIEM) platform and logs from firewalls, IDS/IPS, proxies, servers, endpoints and other network devices to determine risk
- Perform information security incident response and incident handling based on risk categorization and in accordance with established procedures
- Assist in the administration and integration of security tools to include new data/log sources, expanding network visibility and automation
- Manage and integrate threat intelligence received from a variety of sources into the security monitoring framework
- Research the latest vulnerabilities, exploits and other relevant threat information and trends
- Collaborate and interact with peers and stakeholders across the Corporate and Business Unit information technology organizations
- Rotational, after-hours operational support (on-call)
- Perform other duties as assigned
Bachelor’s or Master’s degree in Computer Science/Engineering, Information Systems or related field with a minimum of 6 to 10+ years’ experience.
- Minimum 5 years working in Security Incident Response required.
- Excellent and demonstrated written and verbal communication skills; must be able to communicate technical details clearly and concisely with peers and all levels of management
- Capability to think and operate independently and in a team environment with minimal supervision
- Proactive and results driven mindset
- Strong process orientation and ability to develop and follow standard work; attention to detail
- Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment
- Proven ability to troubleshoot and solve technical issues
Candidate must have technical experience in the following areas:
- Network analysis using tcpdump, Wireshark or other packet capture tools
- Searching, interpreting and working with data from enterprise logging systems including syslog, netflow and SIEM/SEIM platforms
- Scripting languages such as Python and PowerShell
- Malware sandboxes
- Windows and Linux operating systems
- Endpoint protection suites such as Symantec, McAfee, Carbon Black or Tanium
- Systems or network architecture
- Collection and management of threat intelligence
- Host based forensics using EnCase, FTK or other digital forensics tools
The following certifications are considered an advantage:
- Certified Information Systems Security Professional (CISSP)
- GIAC Certified Windows Security Administrator (GCWN)
- GIAC Certified Enterprise Defender (GCED)
- GIAC Certified Incident Handler (GCIH)
- Microsoft Certified Solutions Expert (MCSE)
- Red Hat Certified Engineer (RHCE)
US Citizen or US Person required.
Work could involve ITAR-regulated projects.
United Technologies Corporation is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.