Provide Tier 2 incident response services to the global organization on behalf of the Information Security Team
Receive, process, and resolve tickets per defined SLAs
Analyze information garnered from monitoring systems, operational incidents, and other sources to determine the scope and impact of potential security incidents, and process accordingly
Critically assess current practices and provide feedback to management on improvement opportunities
Assist with the design and implementation of threat detection and prevention solutions identified as necessary for the protection of Firm assets
Effectively utilize common IR toolsets, platforms, and processes, such as SIEM, log management, packet capture, and breach detection systems
Assist with forensic examinations and chain-of-custody procedures as directed by the Security Incident Response Engineers