Triage Analyst, Cyber Security Incident ResponseApply Now Job ID: R0000078376 job family: Security Analysis schedule: Full time Location: 7000 Target Parkway North, Brooklyn Park, Minnesota, United States, 55445;
JOIN US AS AN INCIDENT TRIAGE ANALYST, CYBER SECURITY
Similar Industry Titles and Key Words: cyber security, intrusion, event analyst, fusion center, incidents
The Incident Triage Analyst position is responsible for triaging cyber security events and incidents across the Target environment. The Incident Triage Analyst supports Target’s cyber security operations by monitoring alerts during heavy volume events within a 24/7 Cyber Fusion Center. This position conducts more in-depth analyses of security incidents with specific ability to identify potential compromise, perform intrusion scope and root cause analyses and implement triaging protocols to mitigate potential impacts.
- Incident Triage Analysts create filters, data monitors, dashboards, and reports within monitoring utilities.
- Troubleshoot security monitoring devices to improve event correlation and performance.
- Develop and update procedures, and configure tools for Event Detection Analysts to use.
- Handle high and critical severity incidents as described in the operations playbook.
- Perform additional analysis of escalations from Event Detection analysts and reviews Level 1 tickets.
- Escalate high or critical severity level incidents to Incident Handlers.
- Acts as a participant during Cyber Hunt activities at the direction of one or more Target Incident Handlers
NOTE: This is a shift position that will be responsible for working Sunday through Wednesday, 12:30pm - 10:30pm.
- 2+ years of information security experience
- BA/BS in Engineering, Computer Science, Information Security, or Information Systems or equivalent experience
- Experience using event escalation and reporting procedures
- Ability to learn and operate in a dynamic environment
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
- Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
- Knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
- Knowledge of cyberattack techniques and tools
- Strong oral and written communication skills
- Experience with host and network based security tools desired
- Experience managing cases with enterprise SIEM systems
- Knowledge of how the Windows file system and registry function and UNIX operating systems and command line tools
- Experience conducting forensic media analysis and log file analysis
- Experience supporting network investigations.
- One or more certifications including, Security+, GCIA, GCIH, CISSP or similar
Americans with Disabilities Act (ADA)
Target will provide reasonable accommodations (such as a qualified sign language interpreter or other personal assistance) with the application process upon your request as required to comply with applicable laws. If you have a disability and require assistance in this application process, please visit your nearest Target store or Distribution Center or reach out to Guest Services at 1-800-440-0680 for additional information.
What’s it like to work here? We’re asked that a lot. Target respects and values the individuality of all team members and guests—and we have lots of fun in all that we do.experience our culture