Incident Response Advisor - Senior
locations: Remote - USA
time type: Full time
posted on: 6 Days Ago
time left to apply: End Date: September 30, 2024
job requisition id: R-0000026034
Company
Federal Reserve Bank of Richmond
When you join the Federal Reserve—the nation's central bank—you’ll play a key role, collaborating with leading tech professionals to strengthen and protect our economic, financial and payments systems. We invest in contemporary and emerging technology each year to support the Federal Reserve and our economy, and we’re building a dynamic and diverse team for our future.
Bring your passion and expertise, and we’ll provide the opportunities that will challenge you and propel your growth—along with a wide range of benefits and perks that support your health, wealth, and life. In addition to competitive compensation, we offer a comprehensive benefits package that includes tuition assistance, generous paid time off, top-notch health care benefits, child and family care leave, professional development opportunities, a 401(k) match, pension, and more. All brought together in a flexible work environment where you can truly find balance.
About the Opportunity
The Federal Reserve System (FRS) National Incident Response Team (NIRT) has an immediate opening for an Incident Response Advisor, Senior position, reporting to a Senior Manager Information Security. The NIRT, a national service provider for the FRS, delivers effective intrusion detection, incident response, forensics, security intelligence, threat assessment, and penetration testing services.
The role is for an experienced incident response professional. You will be expected to investigate and respond to security events within the FRS with minimal oversight. Additionally, as you gain experience, you will be expected to lead larger and more impactful incidents. The ideal candidate will have some more specialized skills such as disk and/or memory forensics, phone forensics, malware analysis, and/or threat hunting.
Hours: Typically the core business hours in your locality. There may be limited periods when you need to work nights and/or weekends if a major security incident is occurring.
What You Will Do:
- Perform security event triage and analysis with knowledge in current security threats and techniques.
- Manage and lead security incidents and conduct incident analysis, containment, protection, mitigation, and recovery activities across the FRS.
- Perform and lead incident response workflow processes.
- Analyze all relevant data sources for attack indicators and potential network and host compromises.
- Respond to different attack vectors such as data exfiltration, DDoS, malware, insider risk, and phishing.
- Develop scripts and tools to improve the efficiency of incident detection and response processes.
- Lead investigations.
- Identify gaps and opportunities to improve workflows and processes that enhance the incident response lifecycle.
- Support cross-team projects to help implement cybersecurity improvements.
- Provide subject matter expertise to partners on an as-needed basis.
- Interface with NIRT customers and stakeholders.
Qualifications:
- You should have an in-depth understanding of a variety of information technologies and information security topics. Specifically, this should include the following:
  - Advanced SIEM/SOAR utilization skills to analyze security events from multiple monitoring and logging sources to identify, investigate and confirm suspicious activity.
  - Advanced knowledge of incident response and handling methodologies.
  - Advanced knowledge of common adversary tactics, techniques, and procedures (TTPs).
  - Advanced knowledge of cyber threats and vulnerabilities.
  - Advanced knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  - Advanced knowledge of which system files (e.g., log files, registry files, configuration files) contain relevant information and where to find those system files.
  - Advanced ability to analyze all relevant data sources for attack indicators and potential network and host compromises.
  - Advanced knowledge of current security threats, techniques, and landscape, and a dedicated approach to researching the current information security landscape.
  - Advanced understanding of IT infrastructure designs, technologies, products, and services, including knowledge of networking protocols, firewall functionality, host and network intrusion detection systems, operating systems, databases, encryption, load balancing, and other technologies.
- Hold one or more relevant security certifications/degrees and/or commensurate experience.
- Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
- Ability to evaluate information for reliability, validity, and relevance.
- Ability to function effectively in a dynamic, fast-paced environment.
- Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
- Ability to think critically.
- Ability to think like threat actors.
- Ability to develop productive working relationships with a broad range of business and operational area professionals.
Discover the Reason Why So Many People Love It Here!
When you join the Richmond Fed, not only will you find a challenging and purposeful career, but you’ll also have access to a wide range of benefits and perks that support your health and wealth, including:
- Great medical benefits
- Pension and 401(k) with employer match
- Paid time off
- Tuition reimbursement
- Employee resource networks
- Paid volunteer leave
- Flexible work options
- Onsite amenities that make working here fun!
Other Requirements and Considerations:
- Candidates should review the Bank’s Employee Code of Conduct to ensure compliance with conflict of interest rules and personal investment restrictions.
- If you need assistance or an accommodation due to a disability, please notify rich.recruitment@rich.frb.org.
- Employees who work at and/or visit another Federal Reserve entity or outside business as part of their job duties are required to comply with any onsite safety and health protocols of those organizations.
- Sponsorship is not available for this role. The selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Eligibility for this specific position requires U.S. Citizenship.
- The national hiring range for the Senior Incident Response Advisor is $123,600 - $169,950 annually.
- Salary offered will be based on the job responsibilities and the individual’s knowledge, skills, and experience as defined in the job qualifications.
- Applications are reviewed on a rolling basis. Interested candidates are strongly encouraged to apply by September 30, 2024.
Full Time / Part Time
Full time
Regular / Temporary
Regular
Job Exempt (Yes / No)
Yes
Job Category
Information Technology
Work Shift
First (United States of America)
The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.