Stride

IT Security Incident Response Analyst

🇺🇸 Remote - US

🕑 Full-Time

💰 $51,122 - $120,000

💻 Cybersecurity

🗓️ November 22nd, 2022

SIEM AWS O365
Over 20 years ago, Stride was founded to provide personalized learning — powered by technology. We reached students where they were in their own journeys. We knocked down their barriers to great education. And we gave every learner equal opportunity to succeed — however they defined success. Stride innovated the learning experience with online and blended learning that prepared them for their lives ahead.

Stride is a community of passionate leaders.  Whether teachers, engineers, curriculum writers, or financial managers — whatever your expertise or role, we all work to empower futures through learning. And changing the trajectory of learning itself is one of our greatest missions.  Join us in developing more effective ways to learn and helping learners build the skills and confidence they need to make their way forward in life.

The Incident Response Analyst is responsible for implementing, maintaining, monitoring, and managing security event & incident management capabilities. The Incident Response Analyst engages in all phases of the incident response process and communicates with key personnel across the organization. This role requires you to work independently and requires a solid understanding of analysis, operating systems, AWS and Azure cloud technologies, and networking technologies, as well as deep technical knowledge of cyber-attacks. The IR Analyst will work with internal and external resources to identify, investigate, and help remediate information security events. This may include assessing risks; developing, coordinating, and leading incident response; forensics, monitoring and compliance; and preventing / detecting suspicious activity. The IR Analyst delivers these capabilities in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements. As risks & threats change, the IR Analyst is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape.

ESSENTIAL FUNCTIONS:   Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties.
  •  Develop, deploy & support Security Incident & Event Monitoring (SIEM) software, tools, and technology capabilities for a hybrid-cloud environment (on-prem, AWS, O365, and Azure); 
  • Advanced event monitoring and analysis of network traffic, endpoint indicators, cloud hosted systems, and various log sources to identify the threat, assess the potential damage, and recommend countermeasures;
  • Perform digital forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTPs (Tactics, Techniques, and Procedures);
  •  Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours;
  •  Automate information security activities related to incident response, data analytics, and reporting.
  •  Develop security functions and detection logic to address the risks posed by advanced threat actors using SIEM, EDR, ATP, DLP, and/or other security technologies;
  •  Perform e-discovery requests as needed;
  • Collect, analyze, assess, and disseminate information about cyber threats and potential attacks;
  • Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools;
  • Lead the Computer Incident Response Team (CIRT) in responding to active and time-sensitive threats including communications and coordination across different teams;
  • Work closely with other members of the Information Security team to lead changes in the company’s defense posture; 
  •  Develop security test plans from architectural design. Identify deficiencies and make recommendations. 
Supervisory Responsibilities: This position has no formal supervisory responsibilities.

MINIMUM REQUIRED QUALIFICATIONS:   
  • Bachelor’s degree in management, science, engineering, computers, or a technical field AND
  • Three (3) years of experience in information security or email administration or a related field OR
  • Equivalent education / service and experience. 
Certificates and Licenses: None required.

OTHER REQUIRED QUALIFICATIONS:  
  • Experienced with relevant SIEM supporting & integrating technologies such as JSON, APIs, etc. used in security incident detection and response
  • Highly technical and analytical expertise, with a proven deep background in technology design, implementation, and delivery.  
  • Demonstrable and hands-on experience with AWS and Azure event logging technologies
  • Skilled in meeting vulnerability and penetration testing requirements. 
  •  Experience with Office 365 Advanced Threat Protection (ATP) and endpoint event detection technologies. 
  •  Experience with TCP/IP, Unix & Windows operating systems, and Oracle and SQL databases.
  • General frequent use and application of cyber technical standards, principles, theories, concepts, and techniques.
  •  Prior experience with ELK Stack and other Open-Source SIEM technologies preferred
  • Microsoft Office (Outlook, Word, Excel, PowerPoint, Project, Visio, etc.); Web proficiency.
  • Ability to clear required background check.

DESIRED QUALIFICATIONS:  
  •  Prior work experience in a regulated hybrid-cloud environment. 
  • Prior experience in education industry.
  • Experience with TCP/IP, Unix, and Windows operating systems
  • Experience with Office 365 Advanced Threat Protection
  • Ability to establish good working relationships with team members, colleagues, and external organizations. 
  • Demonstrable ability to develop value-driven & budget conscious security capabilities
  • Holds one or more certifications, including: Microsoft Certified: Azure Security Engineer Associate, Security+, CISSP, etc. SIEM or Incident Response focused certifications preferred.
WORK ENVIRONMENT:  The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
  • This position is virtual and open to residents of the 50 states and D.C.

Compensation & Benefits: Stride, Inc. considers a person’s education, experience, and qualifications, as well as the position’s work location, expected quality and quantity of work, required travel (if any), external market and internal value when determining a new employee’s salary level.  Salaries will differ based on these factors, the position’s level and expected contribution, and the employee’s benefits elections.    
  • We anticipate the salary range to be $51,122 to $120,000. The upper end of this range is not likely to be offered, as an individual’s compensation can vary based on several factors. These factors include, but are not limited to, geographic location, experience, training, education, and local market conditions. Eligible employees may receive a bonus. Stride offers a robust benefits package for eligible employees that can include health benefits, retirement contributions, and paid time off.
 
The above job is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor.  All employment is “at-will” as governed by the law of the state where the employee works.  It is further understood that the “at-will” nature of employment is one aspect of employment that cannot be changed except in writing and signed by an authorized officer.  

Stride, Inc. is a Federal Contractor, an Equal Opportunity/Affirmative Action Employer and a Drug-Free Workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected Veteran status, or genetics, or any other characteristic protected by law.