Senior Incident Handler
Location
United States
Posted
2 days ago
Salary
$120K - $193.7K / year
Seniority
Senior
Job Description
Senior Incident Handler
Allstate
• Serve as the lead responder during critical incidents. • Unify analysts, infrastructure, application owners, legal, and third-party partners. • Be a trusted voice during high-severity events. • Lead advanced investigations into malware, identity compromise, and ransomware. • Help modernize SOC with automation and AI-assisted tooling. • Raise the standard of team responses through meaningful after-action reviews.
Job Requirements
- 5+ years in cybersecurity operations or incident response.
- Financial services or insurance experience is a plus.
- Demonstrated ability to act as an incident commander.
- Strong command of network security, EDR/XDR, log and forensic analysis.
- Comfortable with SIEM, forensics tooling, scripting/automation (Python, PowerShell).
- Exceptional written and verbal skills; credible with engineers and executives.
- Enthusiasm for SOAR, ML-based tooling, and LLMs.
Benefits
- Comprehensive technology setup including laptop, monitors, headset, keyboard, and mouse.
- Monthly connectivity reimbursement to help offset internet costs.
Related Guides
Related Categories
Related Job Pages
More Incident Response Analyst Jobs
Principal Incident Response Analyst
Centene CorporationTransforming the health of the communities we serve, one person at a time.
• Executes enterprise-wide Incident Response Plan and recommends enhancements to improve security • Partners with business units to accomplish enterprise-wide remediation • Develops and delivers presentations to senior leadership team • Keeps abreast of security breaches and ensures incident and response management processes are initiated • Implements security service audit schedules, reviews access authorization, and performs access controls testing • Collaborates with Information Security Architects and software or hardware stakeholders • Ties third party attack monitoring services into internal CIRT communications systems
Incident Response Analyst
Check Point Software TechnologiesAs the world’s leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we’ve assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers’ real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base. Check Point Software Technologies has been honored by Time Magazine as one of the World’s Best Companies and Newsweek’s list of Americas Best Cybersecurity Companies. We've also earned a spot on the Forbes list of the World’s Best Places to Work for five consecutive years and recognized as one of the World’s Top Female-Friendly Companies. If you're passionate about making the world a safer place and want to be part of an award-winning company culture, we invite you to join us.
Role Description - Responsible for daily incident management of customer incidents - Perform incident response and forensic analysis of compromised systems, identify and provide recommendations for remediation - Formulate and direct incident response efforts, prioritize those response efforts, and create legible incident reports that describe the compromise vector, attacker methodologies and artifacts - Ability to manage complicated global incidents - Ability to perform large-scale compromise assessments for customer environments - Build incident response plans and playbooks - Create attack scenarios for customer tabletop training exercises - Creation of detailed incident reports for customers and effective communication of findings to customers - Build and maintain sandbox/test lab environments to evaluate malicious code - Work within a team environment and will be responsible for coordinating work actions Qualifications - This is not an entry level SOC role. - 10+ years of cybersecurity experience out of which 2-5 years are experience performing T3 incident response with an emphasis on system compromise analysis. - Experience of performing security reviews/vulnerability risk assessments of network environments using both manual procedures and automated analysis tools. - Experience with enterprise security solutions, incident crisis management. - Experience with performing attack simulation for training security teams. - Experience with creating procedures and documented plans for security teams. - Ability to participate in on-call rotation, including at least one weekend a month. - Domestic and International travel may be required. - Must be eligible to work in the US without sponsorship from an employer now or in the future. - EOE M/F/Veterans/Disabled Company Description As the world’s leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we’ve assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers’ real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base. Check Point Software Technologies has been honored by Time Magazine as one of the World’s Best Companies and Newsweek’s list of Americas Best Cybersecurity Companies. We've also earned a spot on the Forbes list of the World’s Best Places to Work for five consecutive years and recognized as one of the World’s Top Female-Friendly Companies. If you're passionate about making the world a safer place and want to be part of an award-winning company culture, we invite you to join us.
Security Incident Response Representative IV
University of RochesterUniversity of Rochester, located on the banks of the Genesee River in Rochester, New York, is a four-year private institution of higher learning that has offered educational opport
Role Description Responsible for support of day-to-day operations of information security incident response and triage. Verifies, classifies and documents events, escalating incidents as required. Provides first-level and second-level response for information security events, including threat analysis, root cause analysis and remediation. This role requires an on-call rotation. - Provides first-level and second-level response for information security events, including threat analysis, root cause analysis and remediation. - Manages various security operations tools to ensure continued security and performance. - Responds to requests for operational and security logs. - Assists with development of incident response processes and systems. - Participates in daily, quarterly, weekly and as needed meetings. - Monitors security blogs, articles, reports and other sources to keep up to date on the latest security threats and trends. - Other duties as assigned. Qualifications - Bachelor's degree and 1 year of related experience required. - Or equivalent combination of education and experience. - Experience with Security Information and Event Management (SIEM) systems, such as QRadar, ArcSight or LogRhythm, preferred. Requirements - Demonstrated analytical and problem solving skills required. - Strong interpersonal, verbal and written communication skills required. - Self-motivated and directed required. - Dedication to continued learning required. - Ability to effectively prioritize and execute tasks in a high-pressure environment required. - On-call rotation required. - Knowledge of intrusion detection systems, system administration, network protocols and industry-standard techniques and practices preferred. Company Description The University of Rochester is committed to fostering, cultivating, and preserving an inclusive and welcoming culture to advance the University’s Mission to Learn, Discover, Heal, Create – and Make the World Ever Better. In support of our values and those of our society, the University is committed to not discriminating on the basis of age, color, disability, ethnicity, gender identity or expression, genetic information, marital status, military/veteran status, national origin, race, religion, creed, sex, sexual orientation, citizenship status, or any other characteristic protected by federal, state, or local law (Protected Characteristics). This commitment extends to non-discrimination in the administration of our policies, admissions, employment, access, and recruitment of candidates, for all persons consistent with our values and based on applicable law.
Document Reviewer (Cyber Incident Response)
Integreon Intermediate LLCIntegreon is a trusted, global provider of award-winning legal and business solutions to leading law firms, corporations, and professional services firms. Our highly trained, experienced staff of over 3,000 employees globally service a comprehensive range of client needs that require scale and expertise, enabling clients to become more operationally efficient. Integreon works with corporations and law firms who rely on our team’s experience and expertise in documents, administrative and business services. With delivery centres on three continents, Integreon offers multi-lingual, around-the-clock support, as well as onshore, offshore, and onsite delivery of our award-winning services.
Role Description Integreon is a leading provider of Document Review services to the post-breach Cyber Incident Response value chain. Following a breach, in cases of data exfiltration, potentially accessed documents need to be reviewed for exposure of PII/PHI wherein individuals or entities need to be notified within stipulated timelines as per jurisdictional requirements. This entails review of documents on a platform (e.g., Relativity) and extraction of defined data points as directed by a protocol. This is a great opportunity to work with the top managed review group in the industry! - Review documents on Relativity platform and identify/capture Personal Identifiable Information (PII) and Protected Health Information (PHI) as per protocol. Qualifications - Must be located within the United States. - Work in a team led by a Review Manager who will provide guidance, monitor progress, provide feedback, and answer questions. - Must be available online during core hours, as set by the Review Manager; there may be some flexibility in hours. Requirements - Use of basic Microsoft Office tools. - High-speed internet connection. - Quiet, private workspace. - Ability to work 40 hours per week, with the possibility of overtime/weekend work. - Previous data breach/incident response review experience required. - Relativity proficiency preferred. - Experience working with sensitive information. Benefits - Pay Range: USD $19.00 - USD $20.00 /Hr. Company Description Integreon is a trusted, global provider of award-winning legal and business solutions to leading law firms, corporations, and professional services firms. Our highly trained, experienced staff of around 3,500 employees globally service a comprehensive range of client needs that require scale and expertise, enabling clients to become more operationally efficient. Integreon works with corporations and law firms who rely on our experience and expertise in documents, administrative and business services. With delivery centres on three continents, Integreon offers multi-lingual, around-the-clock support, as well as onshore, offshore, and onsite delivery of our award-winning services.

