Incident Response/Security Analyst

Responsibilities in Responsibilities include (but not limited to) the following:

• Manage personal project work
• Triage and lead escalated Security events and incident
• Work independently or among team members to ensure     incident procedures address the objectives of the security incident response program, and review required documentation for adherence to the department standards and process
• Effectively respond to case work relating to computer security vulnerabilities, phishing, malware, and forensic investigations
• Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness
• Lead and manage security incidents to ensure timely mitigation and remediation efforts are completed
• Investigate network anomalies and other cyber security events to determine the cause and extent of exposure and overall risk to the environment
• Preserve, harvest, and process electronic data according to company policies and regulatory requirements
• Participate in forensic investigations as required, to include the collection, preservation of electronic evidence, analysis, and creation of a final report
• Preserve and forensically analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices
• Produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management
• Development and upkeep of standard operating procedures with the insight to know when new ones need to be developed
• Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy
• Assist intrusion remediation and strategy development and implementation.
• Recommend effective process changes to enhance defense and response procedures.
• Coordinate with clients to resolve high or critical severity level incidents.
• Provide on-boarding training and coaching to for lower-level consultants

• Bachelor’s degree in Computer Science, Engineering, or a   directly related field. 

• 2+ years of professional IT Security Incident Responder/Forensics experience.

• At least 1 year experience performing penetration testing

• Requires excellent analytical ability, consultative and communication skills, and strong judgment.

• Experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols.

• Strong verbal and written communication skills

• Must be highly skilled and proficient in problem solving, with an aptitude and willingness to learn new technologies.

• Ability to regularly exercise independent judgment and discretion.

• Ability to translate customer needs into technical solutions and recommendations

• Ability to multitask and handle multiple priorities 

• Must be resourceful, creative, innovative, results driven, and adaptable
• Experience supporting Network Investigations
• Experience conducting forensic media analysis and log file analysis
• Understanding TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
• Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly

Technical experience to include:

• Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
• Experience with host-centric tools for forensic collection and analysis (FTK, Helios, RegRipper, ProDiscover, SIFT, Encase, etc.)
• Strong IT infrastructure background including familiarity with the following: Snort, Wireshark, NMap

• Experience managing cases with enterprise SIEM and logging systems
• Experience with host based detection and prevention suites (McAfee EPO, OSSEC, Yara, MIR, CarbonBlack, Tanium, etc.)
• Experience in financial services industry helpful
• Detailed understanding of APT, Cyber Crime and other associated tactics
• System/Application vulnerabilities and exploitation
• Some experience with malware analysis (dynamic and static)
• One or more certifications including, CFCE, GCFE, OSCP, GCIA, CFE, CISSP or similar

ABOUT THE FIRM
CliftonLarsonAllen LLP (CLA) is a professional services firm delivering integrated wealth advisory, outsourcing and public accounting capabilities to help enhance our clients’ enterprise value and assist them in growing and managing their related personal assets – all the way from startup to succession and beyond.  Our professionals are immersed in the industries they serve and have specialized knowledge of their operating and regulatory environments.  With nearly 4,000 people, 90 US locations and a global affiliation, we bring a wide array of solutions to help clients in all markets, foreign and domestic.   Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment advisor.

We are deeply invested in the success of our professionals and provide innovative career-building opportunities.  At CLA, we aim to positively impact the clients we serve, the people we employ, the profession we represent and the communities we call home.

CLA is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, disability status, protected veteran status, national origin, or any other characteristic protected by law.

EOE/AA Employer/Vets/Disability

IND123

• Equal Opportunity Employer/AA Employer/Minorities/Women/Protected Veterans/Individuals with Disabilities.
• Please view Equal Employment Opportunity Posters provided by OFCCP here.
• The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)