Expert Cyber Incident Responder and Threat Hunter - ICMA-RC dba MissionSquare Retirement
Washington, DC 20001
About the Job
Join a great place to work with MissionSquare Retirement, a FINANCIAL SERVICES LEADER in public sector employee retirement products and services. Headquartered in Washington, DC, MissionSquare Retirement was founded to provide portable retirement benefits for city and county managers, enabling accumulated retirement assets to be transferred between employers. Today, MissionSquare Retirement serves more than 1.5 million participant accounts, and more than 9,000 retirement plans across the country. We have an extraordinary talent base and invite you to consider joining MissionSquare Retirement's Technology Team.
Please note: This position is not limited to Washington, DC. It is available for remote candidates across the United States.
The Expert Analyst, Cyber Security (Expert Cyber Incident Responder and Threat Hunter) will take a proactive approach to identifying and mitigating potential cyber threats, utilizing advanced techniques to stay ahead of evolving attack vectors. The position involves a combination of technical expertise, analytical skills, and the ability to collaborate with cross-functional teams. This role requires coordination of incident response (IR) activities across the company and working closely with stakeholders and information security team members. This role will investigate, validate and communicate known details about the incident and work closely with cybersecurity leadership.
Essential Functions for this role include:
- Proactive Threat Detection: Utilize advanced threat hunting techniques to identify and analyze potential threats. Conduct in-depth analysis of security data, logs, and network traffic to uncover malicious activities.
- Custom Tooling and Automation: Develop and utilize custom tools and scripts to enhance threat hunting efficiency. Implement automation where applicable to streamline repetitive tasks in threat identification.
- Threat Intelligence: Stay informed about the latest cyber security threats and vulnerabilities to enhance proactive threat hunting capabilities. Integrate threat intelligence into daily hunting activities for early identification of emerging threats and into incident response processes to enhance detection and response capabilities.
- Incident Investigation: Investigate and analyze security incidents to determine the scope, impact, and root cause. Collaborate with incident responders to develop effective mitigation strategies.
- Incident Response: Develop and execute incident response plans and playbooks to contain, eradicate, and recover from security incidents. Coordinate with IT and other relevant teams to ensure a swift and effective response. Document case notes and communicate analysis from initial investigation through closure and post-mortem.
- Forensic Analysis: Coordinate digital forensic investigations to gather evidence and identify the root cause of incidents. Maintain collection, storage and preservation of evidence following strict control and chain of custody.
- Continuous Improvement: Participate in the enhancement of threat hunting procedures and methodologies to identify areas for improvement. Contribute to the development and tuning of security analytics to improve detection capabilities. Identify strengths and weaknesses in the program for team members to improve skills and knowledge base.
- Collaboration and Reporting: Collaborate with other cybersecurity teams to share threat insights and findings. Provide detailed and clear reports on identified threats, including recommended mitigation strategies.
- Maintain professional accountability to train, work with new solutions, and retain knowledge and abilities with existing solutions.
- Perform other duties as assigned.
If you have the following skills, we encourage you to apply:
- Bachelor's degree or equivalent experience.
- Five to seven years of experience.
- Extensive experience in threat hunting, incident response and cyber security operations.
- In-depth knowledge of cybersecurity threats, attack vectors, and TTPs (Tactics, Techniques, and Procedures).
- Proficient in using security tools and technologies for monitoring and analysis.
- Experience administering network and host configurations, endpoint detection and response configurations, application security, encryption and cloud services.
- Strong understanding of networking protocols, malware analysis, and digital forensics.
- Demonstrated knowledge of forensic tools including, but not limited to, Forensic Case Notes, AccessData Forensic Toolkit, Magnet Axiom, EnCase, X-Ways, REMnux and SIFT.
- Proficient in scripting with one or more programming languages, including Python, PowerShell, JavaScript and Bash.
- Clear understanding of evidence preservation and chain of custody.
- Proficient with cloud investigations (AWS and Azure).
- Strong written and oral communication skills across varying levels of the organization.
Relevant certifications such as CISSP, GIAC, CISM, CHFI, GCFA, or OSCP are highly desirable.
To benefit your career and support your wellbeing, we offer:
- Competitive Total Rewards (compensation and benefits) package, including 401(k) Plan with matching contributions
- Varied incentive plans
- Flexible/Hybrid work schedules
- Wellness programs
- Tuition reimbursement
- Professional and career development courses
- Mentoring programs
- Volunteerism program
As a company, MissionSquare Retirement is an Equal Opportunity Employer. We strive to create an environment that reflects the value and diversity of our employees and fosters respect among them. We believe that talent from diverse backgrounds will further enhance our ability, and mission, to serve those who serve their communities.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, or any other protected classifications under any applicable law.