Centene Corporation logo
Centene Corporation

Transforming the health of the communities we serve, one person at a time.

Principal Incident Response Analyst

Incident Response AnalystSecurity AnalystFull TimeRemoteLeadTeam 10,001+Since 1984H1B No SponsorCompany SiteLinkedIn

Location

Illinois

Posted

1 day ago

Salary

$121.5K - $224.9K / year

Seniority

Lead

Bachelor Degree6 yrs expExperience acceptedEnglishFirewalls

Job Description

Principal Incident Response Analyst

Centene Corporation

• Executes enterprise-wide Incident Response Plan and recommends enhancements to improve security • Partners with business units to accomplish enterprise-wide remediation • Develops and delivers presentations to senior leadership team • Keeps abreast of security breaches and ensures incident and response management processes are initiated • Implements security service audit schedules, reviews access authorization, and performs access controls testing • Collaborates with Information Security Architects and software or hardware stakeholders • Ties third party attack monitoring services into internal CIRT communications systems

Job Requirements

  • A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science)
  • 6 – 8 years of related experience
  • Knowledge of Tools, techniques and processes (TTP) used by threat actors
  • Knowledge of Indicators of compromise (IOC)
  • Experience with Endpoint protection and enterprise detection & response software (e.g. CrowdStrike or Carbon Black)
  • Knowledge of Network and infrastructure technologies including routers, switches, firewalls, etc.
  • Advanced analytical, project management, and technical skills

Benefits

  • competitive pay
  • health insurance
  • 401K and stock purchase plans
  • tuition reimbursement
  • paid time off plus holidays
  • flexible approach to work with remote, hybrid, field or office work schedules

Related Job Pages

More Incident Response Analyst Jobs

Incident Response Analyst

Check Point Software Technologies

As the world’s leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we’ve assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers’ real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base. Check Point Software Technologies has been honored by Time Magazine as one of the World’s Best Companies and Newsweek’s list of Americas Best Cybersecurity Companies. We've also earned a spot on the Forbes list of the World’s Best Places to Work for five consecutive years and recognized as one of the World’s Top Female-Friendly Companies. If you're passionate about making the world a safer place and want to be part of an award-winning company culture, we invite you to join us.

Role Description - Responsible for daily incident management of customer incidents - Perform incident response and forensic analysis of compromised systems, identify and provide recommendations for remediation - Formulate and direct incident response efforts, prioritize those response efforts, and create legible incident reports that describe the compromise vector, attacker methodologies and artifacts - Ability to manage complicated global incidents - Ability to perform large-scale compromise assessments for customer environments - Build incident response plans and playbooks - Create attack scenarios for customer tabletop training exercises - Creation of detailed incident reports for customers and effective communication of findings to customers - Build and maintain sandbox/test lab environments to evaluate malicious code - Work within a team environment and will be responsible for coordinating work actions Qualifications - This is not an entry level SOC role. - 10+ years of cybersecurity experience out of which 2-5 years are experience performing T3 incident response with an emphasis on system compromise analysis. - Experience of performing security reviews/vulnerability risk assessments of network environments using both manual procedures and automated analysis tools. - Experience with enterprise security solutions, incident crisis management. - Experience with performing attack simulation for training security teams. - Experience with creating procedures and documented plans for security teams. - Ability to participate in on-call rotation, including at least one weekend a month. - Domestic and International travel may be required. - Must be eligible to work in the US without sponsorship from an employer now or in the future. - EOE M/F/Veterans/Disabled Company Description As the world’s leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we’ve assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers’ real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base. Check Point Software Technologies has been honored by Time Magazine as one of the World’s Best Companies and Newsweek’s list of Americas Best Cybersecurity Companies. We've also earned a spot on the Forbes list of the World’s Best Places to Work for five consecutive years and recognized as one of the World’s Top Female-Friendly Companies. If you're passionate about making the world a safer place and want to be part of an award-winning company culture, we invite you to join us.

United States

Security Incident Response Representative IV

University of Rochester

University of Rochester, located on the banks of the Genesee River in Rochester, New York, is a four-year private institution of higher learning that has offered educational opport

Role Description Responsible for support of day-to-day operations of information security incident response and triage. Verifies, classifies and documents events, escalating incidents as required. Provides first-level and second-level response for information security events, including threat analysis, root cause analysis and remediation. This role requires an on-call rotation. - Provides first-level and second-level response for information security events, including threat analysis, root cause analysis and remediation. - Manages various security operations tools to ensure continued security and performance. - Responds to requests for operational and security logs. - Assists with development of incident response processes and systems. - Participates in daily, quarterly, weekly and as needed meetings. - Monitors security blogs, articles, reports and other sources to keep up to date on the latest security threats and trends. - Other duties as assigned. Qualifications - Bachelor's degree and 1 year of related experience required. - Or equivalent combination of education and experience. - Experience with Security Information and Event Management (SIEM) systems, such as QRadar, ArcSight or LogRhythm, preferred. Requirements - Demonstrated analytical and problem solving skills required. - Strong interpersonal, verbal and written communication skills required. - Self-motivated and directed required. - Dedication to continued learning required. - Ability to effectively prioritize and execute tasks in a high-pressure environment required. - On-call rotation required. - Knowledge of intrusion detection systems, system administration, network protocols and industry-standard techniques and practices preferred. Company Description The University of Rochester is committed to fostering, cultivating, and preserving an inclusive and welcoming culture to advance the University’s Mission to Learn, Discover, Heal, Create – and Make the World Ever Better. In support of our values and those of our society, the University is committed to not discriminating on the basis of age, color, disability, ethnicity, gender identity or expression, genetic information, marital status, military/veteran status, national origin, race, religion, creed, sex, sexual orientation, citizenship status, or any other characteristic protected by federal, state, or local law (Protected Characteristics). This commitment extends to non-discrimination in the administration of our policies, admissions, employment, access, and recruitment of candidates, for all persons consistent with our values and based on applicable law.

United States
$29 - $41 / hour
Integreon Intermediate LLC logo

Document Reviewer (Cyber Incident Response)

Integreon Intermediate LLC

Integreon is a trusted, global provider of award-winning legal and business solutions to leading law firms, corporations, and professional services firms. Our highly trained, experienced staff of over 3,000 employees globally service a comprehensive range of client needs that require scale and expertise, enabling clients to become more operationally efficient. Integreon works with corporations and law firms who rely on our team’s experience and expertise in documents, administrative and business services. With delivery centres on three continents, Integreon offers multi-lingual, around-the-clock support, as well as onshore, offshore, and onsite delivery of our award-winning services.

Full TimeRemoteTeam 1,001-5,000

Role Description Integreon is a leading provider of Document Review services to the post-breach Cyber Incident Response value chain. Following a breach, in cases of data exfiltration, potentially accessed documents need to be reviewed for exposure of PII/PHI wherein individuals or entities need to be notified within stipulated timelines as per jurisdictional requirements. This entails review of documents on a platform (e.g., Relativity) and extraction of defined data points as directed by a protocol. This is a great opportunity to work with the top managed review group in the industry! - Review documents on Relativity platform and identify/capture Personal Identifiable Information (PII) and Protected Health Information (PHI) as per protocol. Qualifications - Must be located within the United States. - Work in a team led by a Review Manager who will provide guidance, monitor progress, provide feedback, and answer questions. - Must be available online during core hours, as set by the Review Manager; there may be some flexibility in hours. Requirements - Use of basic Microsoft Office tools. - High-speed internet connection. - Quiet, private workspace. - Ability to work 40 hours per week, with the possibility of overtime/weekend work. - Previous data breach/incident response review experience required. - Relativity proficiency preferred. - Experience working with sensitive information. Benefits - Pay Range: USD $19.00 - USD $20.00 /Hr. Company Description Integreon is a trusted, global provider of award-winning legal and business solutions to leading law firms, corporations, and professional services firms. Our highly trained, experienced staff of around 3,500 employees globally service a comprehensive range of client needs that require scale and expertise, enabling clients to become more operationally efficient. Integreon works with corporations and law firms who rely on our experience and expertise in documents, administrative and business services. With delivery centres on three continents, Integreon offers multi-lingual, around-the-clock support, as well as onshore, offshore, and onsite delivery of our award-winning services.

United States
$19 - $20 / hour
Full TimeRemoteTeam 5,001-10,000Since 1969H1B No Sponsor

• Investigate, triage, analyze, contain, eradicate, and support recovery activities for cybersecurity incidents across enterprise and cloud environments. • Perform detailed analysis of security events generated by SIEM, EDR/XDR, IDS/IPS, cloud-native security tools, and endpoint technologies. • Collaborate with Security Operations and Splunk Detection Engineering teams to improve detection content, tune alerts, reduce false positives, and enhance detection effectiveness. • Conduct proactive threat hunting using threat intelligence, behavioral analytics, and MITRE ATT&CK techniques. • Perform root cause analysis and recommend corrective and preventive actions. • Document investigation findings, incident timelines, lessons learned, and technical reports. • Assist in developing and maintaining Incident Response playbooks, SOPs, and workflows. • Support digital evidence collection and basic forensic activities while maintaining chain of custody. • Participate in security assessments, architecture reviews, tabletop exercises, phishing simulations, and readiness activities. • Support security reviews of IT systems, applications, and cloud services. • Assist with cybersecurity policies, standards, and operational procedures. • Collaborate with Cloud Security, Vulnerability Management, Infrastructure, and Application teams. • Monitor incident metrics and contribute to operational reporting. • Stay current on emerging threats and industry best practices. • Performs other job-related duties as assigned.

United States
$160K - $170K / year