Incident Response Analyst

Assist the Enterprise Incident Response team in detecting and responding to site incidents within the Enterprise.
- Perform information security and event analysis using McAfee Network Security Manager.
- Correlate output from network-based IPS tools, SIEMs and McAfee ePO to determine true threats, false positives, network-based anomalies, and system-based anomalies within the Enterprise.
- Provide reports detailing detected events to Senior Management and site IAMs.
- Craft IPS custom signatures, define preconfigured policies, and modify global policy on behalf of site IA teams as requested and as needed.
- IAT-II DoD 8570.01-M compliant certification or higher (Security+, CISSP)
- Bachelor's degree, or 4 years of additional experience in lieu of a degree
- 2 years of HelpDesk experience
- Familiar with the following:
  - Host and Network-based Intrusion Prevention Systems and IPS Analysis
  - Host and Network-based firewall technologies
  - Anti-Virus applications
  - Internet protocols
  - Vulnerability scanners
  - Palo Alto IDS
  - SNORT/custom signatures
  - McAfee NSM
  - McAfee ESM/Nitro