Cyber Security Incident Responder

Hitachi
Summary
Join Hitachi Vantara's Cybersecurity Incident Response team as a Cybersecurity Incident Responder. This primarily remote role involves responding to security incidents, providing guidance to team members, and collaborating with IT practitioners across various regions. You will investigate and direct response activities during high-priority incidents and report to management. The position requires 3 years of IT or cybersecurity experience, strong networking knowledge, and experience with log analysis and SIEM. Desirable qualifications include security certifications, experience with specific security tools, and knowledge of cloud environments. Hitachi Vantara offers industry-leading benefits, flexible arrangements, and a supportive work environment.
Requirements
- Fluent English
- 3 years total experience in IT or cyber security
- Strong working knowledge of networking concepts, the OSI model, firewalls, ACLs, load balancers, and packet capture utilities such as Wireshark
- Strong working knowledge and experience responding to host-based threats and risks, including ransomware
- Strong working knowledge and experience with log analysis using a SIEM, including writing and tuning rules for alerts, and reading and interpreting logs from various platforms including Linux, Windows, and networking appliances
- Working knowledge of EDR and Anti-Malware technology and platforms
Responsibilities
- Respond to security incidents from alerts within the security toolset
- Provide guidance and coaching to other team members
- Act as an escalation point for high-severity incidents
- Collaborate with Incident Response team members in other regions (Americas, Asia, and Europe)
- Interact and collaborate with practitioners across IT, including Help Desk, Desktop Operations, System Administration, Networking, and cloud environment administrators
- Direct the investigation and response activities of other security analysts and IT practitioners during high-priority incidents
- Provide reporting and updates to Director-level management
Preferred Qualifications
- Experience with SentinelOne and Microsoft Defender
- 2 years' experience working as a SOC analyst or in an incident response role
- Security certification such as CISSP, CISM, GSEC, CEH, CISA, or other
- Knowledge of AWS and Microsoft Azure environments and concepts
- Experience leading small teams
Benefits
- Mostly remote work
- Shifts: 09:00 - 17:00, including weekends (twice a month)
- Industry-leading benefits
- Flexible arrangements