Senior Security Incident Response Analyst

Ampcus, Inc
United States, Virginia, Richmond
1806 Summit Avenue
Apr 15, 2025
Ampcus Inc. is a certified global provider of a broad range of Technology and Business consulting services. We are in search of a highly motivated candidate to join our talented Team.

Job Title: Senior Security Incident Response Analyst

Location(s): Richmond, VA

Description:


  • This role is 100% remote.
  • 5 or more years of experience in responding to cybersecurity incidents is required for this role.
  • Experience with the use of the following tools/capabilities during an incident response: Microsoft Defender, Microsoft Sentinel, and Microsoft Azure


Experienced in the following technical areas: Network Security, Endpoint Security, Cybersecurity Incident Response, Security Orchestration, and Automation


  • Able to collaborate closely with and lead cross-functional teams of technical experts during cybersecurity incident response scenarios.
  • Able to serve on an on-call rotation (24 x 7 phone response for 1 week every 4 weeks)


Key Responsibilities:

Security Incident Handling:


  • Participate directly in security incident handling, supporting the existing CSIRT organization.
  • This will include rotational accountability as the on-call incident handler/coordinator responsible for the 24/7 end-to-end response lifecycle of reported incidents.
  • Key activities include but are not limited to coordinating and executing response activities, ticket management, engagement with infrastructure and security support partners, impact analysis, and CSIRT communications.


Project Support:


  • Actively participate in the delivery of IT application, infrastructure, and process-oriented projects in support of continuous improvement and ongoing enhancements to the program.
  • Work with the Incident Response Program Lead to ensure project milestones and objectives are achieved.


Program Capabilities and Process Maturity:


  • Proactively identify areas of opportunity and work with the Incident Response Program Lead to recommend and execute improvements to the program.
  • Includes but is not limited to CSIRT infrastructure, Security Orchestration and Automated Response capabilities, optimization of the MITRE ATT&CK framework, underlying CSIRT processes and incident response documentation, threat intelligence and detection capabilities, and cross-functional collaboration with internal and external stakeholders as it relates to incident response.


Metrics and Reporting:


  • Execute the development and implementation of key metrics and reporting to measure the effectiveness of our Threat Detection and Response program. Work with the Incident Response Program Lead to facilitate upward reporting of incident response data.


Program Governance:


  • Actively participate in the planning and execution of internal governance and incident response preparedness activities, including but not limited to incident ticket review, lessons learned activities, and incident response tabletop exercises.


Ampcus is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veterans or individuals with disabilities.