TEKsystems Senior L3 SOC Analyst - Forensics And Incident Response in New York, New York

The Senior Associate - Level 3 Analyst (Forensics and Incident Response) is responsible for leading activities related to monitoring, investigating, and responding to security events. The Senior Associate - Level 3 Analyst (Forensics and Incident Response) within the SOC team works with multiple technology platforms and interfaces with other groups within IT security operations, IT security architecture, IT security engineering, offshore partners, and other technology and business functions. The SOC team is part of the larger cybersecurity team that falls under IT. The IT team consists of over 200 team members globally and is responsible for the firm’s technology landscape.

The ideal candidate will be passionate about information security operations, forensic investigation, and incident response (IR). This position will join our security operations center (SOC) team. The ideal candidate will have a strong background in security operations and incident response. Additionally, the role requires familiarity with recent threats and adversarial techniques, as well as the ability to quickly understand complex environments.

This is an exciting opportunity on a growing team that is investing in their people, process, and technology. The ideal candidate will have experience in the above areas, and a demonstrated ability and willingness to work well with stakeholders from diverse backgrounds. If you are a candidate looking to be a part of a dynamic team, that continuously challenges itself, is committed to learning and improving, and passionate about cybersecurity, then this could be the right opportunity for you!

Location: New York only

PRIMARY FUNCTIONS AND ESSENTIAL RESPONSIBILITIES

• Detects, identifies, and responds to cyber events, threats, security risks, and vulnerabilities in line with cyber security policies and procedures

• When necessary, leads and coordinates incident response activities, engaging stakeholders and relevant security teams outside of the SOC to effectively investigate and neutralize a security incident

• Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).

• Experience working with SOAR to automate repetitive tasks and drive efficiencies allowing analysts to work on more advanced tasks.

• Communicates with stakeholders and leadership to provide timely and accurate updates on the progress of the Incident response effort

• Identifies, documents, and blocks TTPs, IOCs, and other artifacts during incident response

• Authors content using query languages and scripting for event enrichment and efficient investigation

• Develops procedures and documentation to support incident response and forensic investigation standard operating procedures

• Contributes to the maintenance and optimization of the organization's incident response plan

• Creates detailed timelines and incident post mortem documentation following investigations

• Create, evaluate and update SOC runbooks, playbooks, and procedures as appropriate.

• Conducts threat hunting and analysis using various toolsets based on hypothesis and intelligence

• Partner with the security engineering and platform engineering teams to optimize operations

• Support a program for continuous security controls testing and validation

• Participate in Purple and Blue teaming activities

• Perform Security Incident Campaign analysis

• Mentors and leads junior team members by example and through effective communication via one-on-one meetings, coaching, informal instruction, or other methods as required

• Completes projects on time, according to instruction, and within requirements described by stakeholders

• Develop metrics and scorecards to measure risk to the organization, as well as the effectiveness and efficiency of SOC associates.

• Perform other duties as planned and communicated by leadership

QUALIFICATIONS

Education:

• Bachelor’s degree or equivalent relevant work experience in Computer Science, Information Technology, Business, Intelligence, or Security Operations

• Professional Certifications such as CISSP, CISM, CEH, GCIH, GCIA, GSOC will be a plus

Skills:

• Excellent communication skills with the ability to influence other teams

• Good understanding of the offensive and defensive side of security

• Driving measurable improvement in monitoring and response capabilities at scale

• Strong team player - collaborates well with others to solve problems and actively incorporates input from various sources.

• Analytical and problem-solving mindset with demonstrated effective decision-making skills

• Works calmly under pressure and with tight deadlines

• Track record of successful personnel management

• Is proactive and highly trustworthy; leads by example

Experience Required:

• 6+ years of experience in Cybersecurity, or with a reputed Services / consulting firm offering security operations consulting or equivalent experience

• Demonstrated proficiency in IR and forensic response using a variety of toolsets

• Experience in scripting languages such as PowerShell or Python

• Experience with a SOAR (Security Orchestration, Automation and Response) platform preferred

• Experience with one or more Security Information and Event Management (SIEM) solutions

• Experience with one or more Endpoint Detection and Response (EDR) solutions

• Experience with one or more cloud environments

• Experience as a leader, mentor, and trainer of team members

General Requirements:

• Candidate should be able to work from the office located in New York

• Experience should demonstrate a sharp security mindset, initiative to solve problems, and teamwork

• Elevated level of personal integrity, honesty, and character

• Able to professionally handle confidential matters and show an appropriate level of judgment and maturity

• Strong understanding of IR, forensic investigation, and defensive security

• Keen sense of ownership, accountability, curiosity, and independent thinking

• Comfort in dealing with ambiguity, stress, and uncertainty in a dynamic environment

• Well-developed analytic, critical thinking skills and demonstrated problem-solving abilities and decision-making skills.

• Experience in security monitoring, Incident Response (IR), and security tools configuration and tuning

• Knowledge of cyber security frameworks and attack methodologies

• Experience with EDR, email defense, and other security operations tools

• Inquisitive and committed to continual improvement/learning

• High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity

• Ability to be flexible in terms of hours to coordinate effectively with team members across time zones

• Excellent communication (written, verbal, presentation, documentation) and client service skills

• Capable of interacting and coordinating with stakeholders to drive project/task/support engagement

• Ability to interact effectively at all levels with sensitivity to cultural diversity

• Ability to adapt to needs of the organization and team as the external environment and organization evolves

• Excellent verbal and written English communication skills

• Proficiency in Portuguese (business written and oral) will be a plus but is not mandatory.

Skills

Forensic Investigations, Incident response, SPL query - Expert Level

Pay and Benefits

The pay range for this position is $70.00 - $80.00/hr.

Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:

• Medical, dental & vision

• Critical Illness, Accident, and Hospital

• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available

• Life Insurance (Voluntary Life & AD&D for the employee and dependents)

• Short and long-term disability

• Health Spending Account (HSA)

• Transportation benefits

• Employee Assistance Program

• Time Off/Leave (PTO, Vacation or Sick Leave)

Workplace Type

This is a hybrid position in New York, NY.

Application Deadline

This position is anticipated to close on Mar 31, 2025.

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.