Senior Incident Response Analyst

Position Details

Position Information

Recruitment/Posting Title Senior Incident Response Analyst

Job Category Staff & Executive - Administrative & Support Department OIT-Info Protection & Security-Z26723 Overview

Rutgers, The State University of New Jersey, is a leading national research university and the State of New Jersey's preeminent, comprehensive public institution of higher education. As one of the largest employers in the State of New Jersey, Rutgers University is committed not only to the students and the State that we serve, but also to the faculty and staff who work on our campuses.

For two consecutive years, Rutgers is ranked on Forbes' list of America's Best Large Employers. Rutgers holds #64 of 500 employers and is the #1 New Jersey employer on the publication's 2023 list. Rutgers' commitment to its employees includes maintaining and fostering a safe, diverse, and respectful workplace environment, creating employment opportunities for our nation's military veterans, and ensuring accessibility and accommodation for individuals with disabilities.

Posting Summary

Rutgers, The State University of New Jersey, is seeking a Senior Incident Response Analyst for the Information Security Office which is within the division of the Office of Information Technology (OIT). This position is expected to perform daily operations of the incident detection and response program, which includes finding evidence of threats or suspicious behavior and leveraging data to improve controls and processes as well as monitoring of information security incidents throughout Rutgers' computing environment.

Among the key duties of this position are the following:

Serves as an escalation point for Incident Response Analysts and provide expert-level analytic, investigative and forensic support of complex security incidents to detect and remediate security threats on networks, workstations, servers, and other connected devices.

Provides expert level advice and services to business units throughout the University while participating in all phases of Rutgers' Integrated Incident Response Program (Prepare, Detect & Analyze, Contain, Eradicate, Recovery, Report, Remediate).

Position Status Full Time Hours Per Week Daily Work Shift Work Arrangement FLSA Exempt Grade 07 Position Salary Annual Minimum Salary 100957.000 Annual Mid Range Salary 127713.000 Annual Maximum Salary 154469.000 Standard Hours 37.50 Union Description Admin Assembly (MPSC) Payroll Designation PeopleSoft Benefits

Rutgers offers a comprehensive benefit program to eligible employees. For details, please go to https:// uhr.rutgers.edu/benefits/benefits-overview. Rutgers also offers a benefit program to eligible full-time postdoctoral fellow students. For details, please go to https: // finance.rutgers.edu/healthcare-risk/insurance/postdoctoral-health- insurance.

Seniority Unit Terms of Appointment Staff - 12 month Position Pension Eligibility ABP

Qualifications

Minimum Education and Experience

Bachelor's degree or equivalent education and experience.

Five or more years of relevant work experience in the following: Information security experience, vulnerability scanning, penetration testing and/or security operations.

Certifications/Licenses Required Knowledge, Skills, and Abilities

Knowledge in a wide array of cybersecurity tools and their capabilities as they pertain to the detection and mitigation of Cyber Threats (SIEM, EDR, NGFW, DLP, IPS/IDS, etc.).

Knowledge of industry standard cybersecurity frameworks (Mitre ATT&CK, NIST Incident Response, etc.).

Understanding of complex enterprise networks to include routing, switching, firewalls and common networking protocols (HTTP, DNS, SMB, etc.).

Experience with Regex and at least one common scripting language (PERL, Python, PowerShell).

Experience with an enterprise SIEM platform.

Must demonstrate excellent verbal and written communication skills.

Must be able to communicate technical problems succinctly and accurately.

Must be able to handle multiple, shifting priorities and a large volume of technical problem resolution.

Must quickly learn and be able to apply and document new technical knowledge and procedures.

Must work well with peers and junior staff in a team oriented, cooperative spirit.

Preferred Qualifications

Degree in a related field such as Information Security.

Relevant certifications such as GSFA, GCIH (or other SANS certifications), CISSP, CEH, Security+, ITIL.

Experience as a key member of a cybersecurity team (SOC, Incident Response, Threat Intel, Malware Analysis, Live Forensics, IDS/IPS Analysis).

Knowledge of TTPs related to cyber-crime, malware, botnets, social engineering, APTs and other threats.

Expertise in network and host-based analysis and investigation.

Equipment Utilized

Vulnerability analysis/Penetration testing.

Packet capture and Netflow.

Firewalls/IPS/IDS/EDR.

Syslog/SIEM/Dashboards & Alerting/SOAR.

Threat hunting/Malware Analysis.

Windows/Linux/macOS.

Physical Demands and Work Environment

Must be able to lift up to 50 pounds for the purpose of moving computer equipment.

Special Conditions

Posting Details

Posting Number 23ST1475

Posting Open Date 05/23/2023 Special Instructions to Applicants Regional Campus Rutgers University-New Brunswick Home Location Campus Busch (RU-New Brunswick) City Piscataway State NJ Location Details

Pre-employment Screenings

All offers of employment are contingent upon successful completion of all pre- employment screenings.

Immunization Requirements

Under Policy 60.1.35 Immunization Policy for Rutgers Employees and Prospective Employees, Rutgers University requires all prospective employees to provide proof that they are vaccinated against COVID-19 prior to commencement of employment, unless the University has granted the individual a medical or religious exemption. Rutgers University may require certain prospective employees to receive an updated (bivalent) vaccine dose. Under Policy 100.3.1 Immunization Policy for Covered Individuals, if employment will commence during Flu Season, Rutgers University may require certain prospective employees to provide proof that they are vaccinated against Seasonal Influenza for the current Flu Season, unless the University has granted the individual a medical or religious exemption. Additional infection control and safety policies may apply. Prospective employees should speak with their hiring manager to determine which policies apply to the role or position for which they are applying. Failure to provide proof of vaccination for any required vaccines or obtain a medical or religious exemption from the University will result in rescission of a candidate's offer of employment or disciplinary action up to and including termination.

Affirmative Action/Equal Employment Opportunity Statement

It is university policy to provide equal employment opportunity to all its employees and applicants for employment regardless of their race, creed, color, national origin, age, ancestry, nationality, marital or domestic partnership or civil union status, sex, pregnancy, gender identity or expression, disability status, liability for military service, protected veteran status, affectional or sexual orientation, atypical cellular or blood trait, genetic information (including the refusal to submit to genetic testing), or any other category protected by law. As an institution, we value diversity of background and opinion, and prohibit discrimination or harassment on the basis of any legally protected class in the areas of hiring, recruitment, promotion, transfer, demotion, training, compensation, pay, fringe benefits, layoff, termination or any other terms and conditions of employment. For additional information please see the Non-Discrimination Statement at the following web address: https:// uhr.rutgers.edu/non- discrimination-statement

Supplemental Questions

Required fields are indicated with an asterisk ().

Do you have a bachelor's degree or equivalent education and experience?

Yes

No

Do you have five or more years of relevant work experience in the following: Information security experience, vulnerability scanning, penetration testing and/or security operations?

Yes

No

Applicant Documents

Required Documents

Resume/CV

Cover Letter/Letter of Application

Optional Documents

List of Professional References (contact Info)