CliftonLarsonAllen, LLP Incident Response/Security Analyst in Minneapolis, Minnesota
Our Minneapolis office is looking for an Incident Response/Security Analyst responsible for supporting a variety of information security functions. Incident Response consultants provide guidance to clients and other first responders for the proper handling of Information Security incidents, coordinate efforts of and provide timely updates to multiple business units during response as well as provide recommendations to the units as required. Our Analysts have experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols.
Responsibilities include (but are not limited to) the following:
- Manage personal project work
- Triage and lead escalated security events and incidents
- Work independently or among team members to ensure incident procedures address the objectives of the security incident response program, and review required documentation for adherence to the department standards and process
- Effectively respond to case work relating to computer security vulnerabilities, phishing, malware, and forensic investigations
- Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness
- Lead and manage security incidents to ensure timely mitigation and remediation efforts are completed
- Investigate network anomalies and other cyber security events to determine the cause and extent of exposure and overall risk to the environment
- Preserve, harvest, and process electronic data according to company policies and regulatory requirements
- Participate in forensic investigations as required, to include the collection, preservation of electronic evidence, analysis, and creation of a final report
- Preserve and forensically analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices
- Produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management
- Development and upkeep of standard operating procedures with the insight to know when new ones need to be developed
- Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy
- Assist intrusion remediation and strategy development and implementation.
- Recommend effective process changes to enhance defense and response procedures.
- Coordinate with clients to resolve high or critical severity level incidents.
- Provide on-boarding training and coaching for lower-level consultants
Required Experience, Capabilities & Education:
- Bachelor’s degree in Computer Science, Engineering, or a directly related field. *
- 2+ years of professional IT Security Incident Responder/Forensics experience.*
- Requires excellent analytical ability, consultative and communication skills, and strong judgment.*
- Experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols.*
- Strong verbal and written communication skills*
- Must be highly skilled and proficient in problem solving, with an aptitude and willingness to learn new technologies.*
- Ability to regularly exercise independent judgment and discretion.*
- Ability to translate customer needs into technical solutions and recommendations*
- Ability to multitask and handle multiple priorities *
- Must be resourceful, creative, innovative, results driven, and adaptable
- Experience supporting Network Investigations
- Experience conducting forensic media analysis and log file analysis
- Understanding TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
Technical experience to include:
- Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
- Experience with host-centric tools for forensic collection and analysis (FTK, Helios, RegRipper, ProDiscover, SIFT, Encase, etc.)
- Strong IT infrastructure background including familiarity with the following: Snort, Wireshark, NMap
- Experience managing cases with enterprise SIEM and logging systems
- Experience with host based detection and prevention suites (McAfee EPO, OSSEC, Yara, MIR, CarbonBlack, Tanium, etc.)
- Experience in financial services industry helpful
- Detailed understanding of APT, Cyber Crime and other associated tactics
- System/Application vulnerabilities and exploitation
- Some experience with malware analysis (dynamic and static)
- One or more certifications, including CFCE, GCFE, OSCP, GCIA, CFE, CISSP or similar
ABOUT THE FIRM
CliftonLarsonAllen LLP (CLA) is a professional services firm delivering integrated wealth advisory, outsourcing and public accounting capabilities to help enhance our clients’ enterprise value and assist them in growing and managing their related personal assets – all the way from startup to succession and beyond. Our professionals are immersed in the industries they serve and have specialized knowledge of their operating and regulatory environments. With nearly 4,000 people, 90 US locations and a global affiliation, we bring a wide array of solutions to help clients in all markets, foreign and domestic. Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment advisor.
We are deeply invested in the success of our professionals and provide innovative career-building opportunities. At CLA, we aim to positively impact the clients we serve, the people we employ, the profession we represent and the communities we call home.
CLA is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, disability status, protected veteran status, national origin, or any other characteristic protected by law.
Requisition Number: 16-1082
Title: Incident Response/Security Analyst