Senior Security Incident Response Analyst
Company: Compunnel Software Group
Location: Richmond, VA 23223
Description:
Job Summary
We are seeking an experienced Senior Security Incident Response Analyst to join our cybersecurity team. The ideal candidate will have deep technical expertise in incident response and the ability to lead cross-functional teams during high-impact security events. This role will support and enhance our Cybersecurity Incident Response Team (CSIRT) through direct involvement in incident handling, process improvement, and strategic planning. A strong background in network and endpoint security, combined with hands-on experience using Microsoft Defender, Sentinel, and Azure, is essential.
Key Responsibilities
- Security Incident Handling
- Serve as the primary incident handler on a rotating 24/7 on-call schedule (one week every four weeks).
- Coordinate and execute end-to-end response activities for cybersecurity incidents.
- Manage incident tickets, impact assessments, and stakeholder communications.
- Collaborate with internal infrastructure and security teams to ensure timely and effective resolution.
- Project Support
- Participate in the planning and execution of IT projects that support CSIRT operations.
- Work closely with the Incident Response Program Lead to ensure project goals are met.
- Contribute to the improvement of incident detection and response capabilities.
- Program Capabilities and Process Maturity
- Recommend and implement enhancements to CSIRT processes and tools, including automation and orchestration.
- Help optimize the use of frameworks such as MITRE ATT&CK.
- Improve documentation, threat detection, and intelligence sharing across stakeholders.
- Metrics and Reporting
- Develop and implement KPIs and reporting dashboards to measure incident response performance.
- Collaborate with leadership to ensure effective upward reporting of incident data and trends.
- Program Governance
- Lead and support incident preparedness efforts, including tabletop exercises and lessons learned reviews.
- Conduct incident ticket reviews and participate in internal governance activities to strengthen CSIRT readiness.
Required Qualifications
- Minimum of 5 years of hands-on experience responding to cybersecurity incidents.
- Expertise with the following tools during incident response:
- Microsoft Defender
- Microsoft Sentinel
- Microsoft Azure
- Strong technical knowledge in:
- Network Security
- Endpoint Security
- Cybersecurity Incident Response
- Security Orchestration and Automation
- Demonstrated ability to lead and collaborate with cross-functional technical teams.
- Willingness and ability to participate in a rotating 24/7 on-call schedule.
Preferred Qualifications
- Experience optimizing CSIRT programs using the MITRE ATT&CK framework.
- Familiarity with threat intelligence integration and automated detection rules.
- Prior involvement in CSIRT program development and process maturity initiatives.
Certifications
- Industry-recognized cybersecurity certifications such as:
- GCIA, GCIH, GCFA, CISSP, or equivalent (Preferred)
Education: Bachelor's degree
Certification: Certified Information Systems Security Professional (CISSP)