Senior Security Incident Response Analyst

Company: Compunnel Software Group

Location: Richmond, VA 23223

Description:

Job Summary:

The Cybersecurity Incident Response Specialist plays a critical role in responding to and managing cybersecurity incidents across the organization. This position is part of the Computer Security Incident Response Team (CSIRT) and requires deep expertise in incident handling, network and endpoint security, and security orchestration and automation. The specialist will be responsible for managing end-to-end incident response lifecycle, participating in on-call rotations, supporting cybersecurity projects, enhancing incident response capabilities, and reporting on key metrics.

Job Responsibilities:
  • Respond to and coordinate cybersecurity incidents, serving as the primary point of contact during on-call rotations (24/7 availability one week every four weeks).
  • Lead cross-functional teams of technical experts to contain, eradicate, and recover from security threats.
  • Use Microsoft Defender, Microsoft Sentinel, and Microsoft Azure during incident response efforts.
  • Manage incident tickets, analyze impact, and communicate with stakeholders across the organization.
  • Support the CSIRT team with process optimization, playbook development, and incident documentation.
  • Contribute to threat detection and response program maturity through process automation and framework optimization (e.g., MITRE ATT&CK).
  • Participate in internal and external security governance and readiness activities such as tabletop exercises, lessons learned, and incident reviews.
  • Provide project support for cybersecurity enhancements and integration of detection and response capabilities into new initiatives.
  • Track and report key incident response metrics, supporting continuous improvement and transparency.
  • Collaborate with the Incident Response Program Lead to implement best practices and drive operational excellence.
Required Skills:
  • 5+ years of hands-on experience in cybersecurity incident response.
  • Proficiency with Microsoft Defender, Microsoft Sentinel, and Microsoft Azure in incident response contexts.
  • Strong background in network security, endpoint security, and security orchestration/automation.
  • Ability to lead and coordinate response teams under high-pressure conditions.
  • Excellent analytical, communication, and problem-solving skills.
  • Ability to handle confidential information with integrity and professionalism.
  • Willingness to participate in a rotating 24/7 on-call schedule.
Preferred Skills:
  • Familiarity with the MITRE ATT&CK framework and threat detection methodologies.
  • Experience with automation tools and scripting for response workflows.
  • Strong documentation and reporting skills.

Certifications:

[List certifications if applicable - e.g., CISSP, GCIA, GCIH, or other relevant certifications]

Education: Bachelor's Degree