Laboratory Corporation of America Security Analyst in Burlington, North Carolina
LabCorp is recruiting a Security Analyst for a dynamic team in North Carolina.
The Security Analyst will serve as an incident responder/controller for LabCorp's Critical Security Incident Response Center (CSIRT), performing host-based forensics, root cause analysis, and threat hunting, and serving as a technical escalation for resources in the Security Operations Center (SOC). The analyst will partner with Security Engineers to implement and improve technology and processes to enhance SOC monitoring, investigation, and response.
Duties include but are not limited to:
Serve as an escalation resource for SOC analysts
Perform Incident Response for security threats or incidents
Work with SIEM Engineers and other security partners developing and refining correlation rules
Work on complex tasks assigned by the SOC management
Coordinate evidence/data gathering and documentation for Security Incident reports
Provide recommendations for improvements to incident playbooks, procedures, and monitoring
Provide emergency response as a member of CSIRT or as escalation as part of a 24/7 on-call rotation.
At least 5 years of technical experience in Information Security with at least 3 years of experience in Incident Response or Threat Hunting.
Experience in Security Operations and Incident Response.
Practical knowledge of networking protocols, firewalls, intrusion detection/prevention systems.
Ability to conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats.
Advanced knowledge using SIEM technologies for event investigation.
College degree in related field or equivalent work experience.
Adept event analysis leveraging Splunk
Experienced incident investigation and response skill set
Moderate to Advanced knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
Moderate to Advanced knowledge of malware operation, messaging and phishing
Moderate to Advanced knowledge of modern operating systems
Moderate knowledge of Firewall and Proxy technology
Moderate knowledge of Data Loss Prevention monitoring
Moderate knowledge of forensic techniques
Experienced working within a PCI, HIPAA, SOX environment
A security certification is preferred, such as CISSP, GCIH, GIAC or similar level
License/Certification/Education: Normally a B.A./B.S. Degree with 7+ years of experience in field.
Monday to Friday, Business days and hours
As an EOE/AA employer, the organization will not discriminate in its employment practices due to an applicant's race, color, religion, sex, national origin, sexual orientation, gender identity, disability or veteran status.