The Senior Security Analyst - Incident Response will work with the Lead Security Analyst as a key member of the incident response team. In this role you will respond to and contain cybersecurity incidents by performing forensics and investigations in coordination with other Vanderbilt functions to limit damage and reduce recovery time and costs.
Vanderbilt's Security Engineering and Operations team focuses on threat management, vulnerability management, and security monitoring. The team also responds to and contains potential cybersecurity incidents by performing forensics and investigations in coordination with other Vanderbilt functions to limit damage and minimize recovery time and costs.
Duties and Responsibilities
Reporting to the Security Engineering and Operations Director, this role will perform the following functions:
Act as a technical escalation point for Security Operations, Incident Response, and eDiscovery related initiatives;
Advise the department of emerging threats, adversary tools, tactics, and procedures (TTPs), and recommend both strategic and tactical steps to counteract these threats;
Execute digital forensics and incident response (DFIR) initiatives and generate required incident reports/records (e.g., investigator journals);
Assist in the development and maintenance of security operations, incident response, and eDiscovery plans/procedures including all required supporting materials;
Organize, participate in and, if required, chair post-incident reviews, including lessons learned for presentation to senior management;
Conduct Incident Response Team Table Top Exercises (TTX) to prepare for cyber incidents;
When needed, execute assigned role as a member of the Vanderbilt Computer Security Incident Response Team (VUCSIRT);
Assist and train junior analysts in the use of security tools, the preparation of security reports and the resolution of security issues.
Professional information security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), CERT Incident Response Process Professional Certificate, or EC-Council Certified Incident Handler (ECIH) preferred, but not required.
Experience working in/with a Security Operations center and handling escalations;
Experience conducting digital forensic analysis across various focus areas (host-based, network, malware, etc.);
Experience participating in incident response activities;
Experience researching adversary tools, tactics, and procedures (TTPs) and countering them;
Knowledge of the incident response lifecycle and the stages of a cyber-attack;
Knowledge of malware behavior, investigations, and containment strategies;
Knowledge of cloud security tools, processes, and technology;
Knowledge of IT infrastructure: applications, databases, operating systems -- Windows, Unix and Linux, hypervisors, IP networks -- WAN and LAN, storage networks -- Fibre Channel, iSCSI and NAS, backup networks and media;
Strong written and verbal communication skills, interpersonal and collaborative skills;
Knowledge of the following preferred: NIST Cybersecurity Framework (CSF), ISO/IEC 27001/2, CIS Top 20 Controls, NIST SP 800-53, ISA/IEC 62443, DoD CMMC; and
High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
Commitment to Equity, Diversity, and Inclusion
At Vanderbilt University, we are intentional about and assume accountability for fostering advancement and respect for equity, diversity, and inclusion for all students, faculty, and staff. Our commitment to diversity makes us who we are. We have created a community that celebrates differences and lets individuality thrive. As part of this commitment, we actively value diversity in our workplace and learning environments as we seek to take advantage of the rich backgrounds and abilities of everyone. The diverse voices of Vanderbilt represent an invaluable resource for the University in its efforts to fulfill its mission and strive to be an example of excellence in higher education.
Vanderbilt University is an equal opportunity, affirmative action employer. Women, minorities, people with disabilities, and protected veterans are encouraged to apply.
Please note, all candidates selected for an offer of employment are subject to pre-employment background checks, which may include but are not limited to, based on the role for which they have been selected: criminal history, education verification, social media review, motor vehicle records, credit history, and professional license verification.
Internal Number: 10000975
About Vanderbilt University
Vanderbilt University is a center for scholarly research, informed and creative teaching, and service to the community and society at large. Vanderbilt will uphold the highest standards and be a leader in the quest for new knowledge through scholarship, the dissemination of knowledge through teaching and outreach, and the creative experimentation of ideas and concepts. In pursuit of these goals, Vanderbilt values most highly intellectual freedom that supports open inquiry, equality, compassion, and excellence in all endeavors.