Thrive is hiring an
Incident Response Analyst


Thrive

💵 ~$35k-$38k
📍 Remote - Worldwide

Summary

Thrive is a technology solutions provider seeking an Incident Response Analyst to join their Security Operation Center team. The analyst will investigate security incidents, develop playbooks, and stay updated on current security threats. Required qualifications include advanced knowledge of various systems and technologies, professional experience in system administration, and strong analytical skills.

Requirements

  • Demonstrates comprehension of best security practices
  • Has advanced knowledge of: SIEM; TCP/IP, computer networking, routing, and switching; IDS/IPS; penetration and vulnerability testing; firewall and intrusion detection/prevention protocols; Windows, UNIX, and Linux operating systems; network protocols and packet analysis tools; EDR, anti-virus, and anti-malware; content filtering; email and web gateways; malware, network, or system analysis
  • Professional experience in a system administration role supporting multiple platforms and applications
  • Ability to collaborate and communicate security issues to clients, peers, and management
  • Strong analytical and problem-solving skills
  • Adaptability and resilience in rapidly evolving situations
  • Ability to be a part of an on-call rotation, occasionally working nights and weekends to support High Priority Security Incidents

Responsibilities

  • Process investigation requests from SOC Analysts using Security Information and Event Management (SIEM) from multiple sources
  • Investigate intrusion attempts, differentiate false positives from true intrusion attempts, and perform in-depth analysis of exploits
  • Lead incident response and threat hunting efforts for confirmed High Priority security incidents
  • Utilize threat intelligence to identify and investigate potential security threats
  • Develop playbooks for incident response and incident management processes
  • Participate in tabletop exercises and drills to test and validate playbooks

Preferred Qualifications

  • Knowledge of common Windows and Linux/Unix system calls and APIs
  • Knowledge of programming languages
  • Knowledge of internal file structures for file formats commonly associated with malware (e.g., OLE, RTF, PDF, EXE)
  • Knowledge or experience in Detection Engineering