Cyber Crisis Response Analyst - United Airlines Chicago, IL, United States Bookmark Share Print 539 1 8

Listing Description

Please apply here to be formally considered - thanks!: https://ual-pro.taleo.net/careersection/2/jobdetail.ftl?job=WHQ00012166-ZN

Come join a leading information security team in the aviation sector to help protect our customers and employees!

The 'Analyst – Cyber Crisis Response' within our cyber Security Operations Center (SOC) is responsible for ensuring the company is ready to respond to cyber security incidents at any time, assisting a cross functional team of Incident Response professionals, and helping the company through critical efforts to remediate cyber-attacks and computer intrusions. They are a key component of the cyber security posture of the company and they work to keep leadership advised of current incident response engagements as well as past engagement performance, as well as keep the enterprise prepared for different cyber crisis scenarios.

If you're looking to further develop your skills through a variety of challenges and perform impactful work, this job is for you!Coordinate and provide expert technical support to enterprise-wide cyber security incident response team to resolve crisis level cyber security incidents from initial detection through final resolution.

Create novel crisis incident response exercises and workshops to develop plans

Engage with leadership throughout the IT division and business organizations to continuously enhance incident response plans & playbooks

Facilitate lessons learned meetings and generate reports on incident findings to appropriate stakeholders

Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support Cyber Security Incident Response Teams (CSIRT).

Maintain relationships with internal and external partners involved in cyber planning or related areas.

Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to assess possible threats to network security as needed.