This position can either be based out of Herndon, VA or Dallas, TX.
As a Senior Cyber Security Incident Response Analyst, you will be part of the Cyber Security Incident Response (CSIRT) team at Freddie Mac and will help carry out the Information Security department’s vision of reducing information risk by ensuring and enhancing the availability, reliability and accessibility of information systems at Freddie Mac. You will assist in responding to security incidents in a mission-critical production environment, such as investigating and remediating possible endpoint malware infections and mitigating threats such as unauthorized use, spam and phishing. You will coordinate response, triage and recovery activities for security events affecting the company’s information assets. You will report to the Cyber Security Incident Response Manager.
Your Work Falls into Three Primary Categories:
Security Events and Incidents
- Manage security events identified from the enterprise SIEM tool, Threat Intelligence, end user notifications, etc. to determine security risk and respond accordingly.
- Coordinate response, triage and escalation of security events affecting the company’s information assets and activities within the Incident Response team.
- Categorize, prioritize, and normalize an event to determine if it meets the threshold of a potential incident and declare an incident, if required, following the documented process.
- Analyze and research known indicators of compromise (IOCs), correlate events, identify malicious activity, and take appropriate containment steps.
- Formulate and execute a response to the incident and verify that it is contained and eradicated and that systems are recovered.
- Based on the review of the process and steps taken to remediate an incident, suggest and implement improvements in the environment (such as improving technical controls) and/or improve the incident response process.
- Apply critical thinking to understand new and emerging threats, working with the Cyber Threat Intelligence and Threat Detection teams, and then build and execute the required action plan.
Communication and Collaboration
- Effectively collaborate within Information Security with Security Operations, Threat Intel, Forensics, Threat Detection and Vulnerability management teams as well as external teams in various lines-of-business to enable enhancements in Freddie Mac’s security posture.
- Present security analysis, action plans and risks to different audiences (business, technical and management), adjusting the delivery accordingly and using either structured or ad-hoc presentations, and establish consensus.
- Establish and maintain business relationships with individual contributors as well as management.
- Participate in the review and documentation of requirements for analyzing the specific threats to assist in development of new use cases to detect, report, log, track, and escalate security events.
- Communicate effectively and clearly to both technical and non-technical audiences.
- Augment the Incident Response team to ensure 24/7 coverage and operations. Responsibilities will occasionally require working evenings and weekends, sometimes with little or no advance notice.
- Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats.
- Execute daily ad-hoc tasks or manage small projects as needed.
- 5-7 years of Information Security or Incident Response related experience
- 2+ years of hands-on experience in at least two of the following areas: security operations, incident response, network/host intrusion detection, threat response.
- Demonstrated experience in handling security events in mission-critical environments; hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests.
- Proven experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations, etc.
- Good grasp of security incident response, such as the different phases of response, vulnerabilities vs. threats vs. actors, Indicators of Compromise (IOCs), etc.
- Experience analyzing system and application logs to investigate security issues and/or complex operational issues.
- Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection).
- Demonstrated experience using a SIEM (such as Splunk, ArcSight, etc.) to investigate security issues and/or complex operational issues on Windows and Unix.
- Strong knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases).
- Bachelor’s degree in Information Security, Computer Science, Information Technology, related field or equivalent work experience.
Key to Success in this Role
- Self-starter and self-motivated.
- Ability to work and collaborate effectively in a team environment.
- A sense of humor.
- Ability to communicate clearly, effectively, persuasively and credibly with internal management and external senior level oversight entities.
- Motivated to learn new technologies and come up with process improvements and efficiencies.
- A sense of urgency and the ability to apply a risk-based approach to prioritize work.
- Ability to adopt change while continuing to deliver on assigned objectives.
- Strong verbal and written communication skills.
Top 3 Personal Competencies to Possess
- Leadership – Set and execute upon a clear vision, strategy, and/or goals
- Seek and Embrace Change – Continuously improve work processes rather than accepting the status quo
- Growth and Development – Know or learn what is needed to deliver results and successfully compete
- GIAC, GCIH, CEH, CSA+, CISSP certifications
- Threat Hunting experience
- Experience in the financial services industry
- Experience in Unix Scripting, Programming, SQL
Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you’ll do important work for the housing finance system and make a difference in the lives of others. Freddie Mac is an equal opportunity and top diversity employer. EOE, M/F/D/V.
Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit www.BountyJobs.com and register with our referral code: MAC. Once registered, Freddie Mac will have access to your contact information should we choose to engage your agency for future hiring needs.