Information Security Sr. Analyst - Incident Response

Black & Veatch values the unique skills and experiences of our professionals. We believe that the interchange of ideas from a diverse group of people provides our teams with an expanded perspective and the ability to find better solutions for our clients.

Job Summary

As an Information Security Sr. Analyst specializing in Incident Response, you will be a key member of the computer security incident response team. Your primary responsibility will be to develop and execute standards, procedures, and processes designed to uncover, resist, and recover from security incidents. This role is ideal for an early-career analyst eager to learn and grow within the cybersecurity field. We seek individuals with strong technical acumen, passion, and determination, which will be highlighted during the interview process for this technically challenging career track.

Key Responsibilities

• Respond to computer security incidents in accordance with established policies and procedures.
• Provide technical guidance to first responders for effective handling of cybersecurity incidents.
• Deliver timely and relevant updates to appropriate stakeholders and decision-makers.
• Communicate investigation findings to relevant business units to enhance overall cybersecurity posture.
• Validate and maintain incident response plans and processes to proactively address potential threats.
• Compile and analyze data for management reporting and metric generation.
• Analyze the potential impact of new threats and communicate associated risks to detection engineering functions.
• Perform root-cause analysis to document findings and participate in root-cause elimination activities as needed.
• Triage and assess the risk of incidents, conducting real-time analysis and managing workload during investigations and incidents.
• Create runbooks for frequently occurring incidents to automate or assist with case resolution.

Preferred Qualifications

• Candidates will be evaluated primarily on their ability to demonstrate the competencies required for success in the role.
• Evaluation will be based on the ability to perform the listed duties while demonstrating key skills and competencies for effectiveness, including:
• Ability to communicate complex technical issues clearly and effectively to diverse audiences, both orally and in writing, in an authoritative and actionable manner.
• Understanding of organizational mission, values, and goals, and consistent application of this knowledge.
• Strong decision-making capabilities with a proven ability to weigh costs and benefits of potential actions and select the most appropriate one.
• Ability to effectively influence others to modify their opinions, plans, or behaviors.
• A team-focused mentality with the proven ability to work effectively with diverse stakeholders.
• Strong problem-solving and troubleshooting skills.

Minimum Qualifications

• Minimum of 5 years of experience in incident response.
• Bachelor's or Master's degree in computer science, information security, or a related field.
• Familiarity with incident response frameworks and methodologies, such as NIST 800-61 and MITRE ATT&CK.
• Experience with incident response tools and technologies, including Security Information and Event Management (SIEM), forensics, and/or threat intelligence tools, even in a lab environment.
• Experience in reporting and communicating incident details, improving incident response processes, and recovering from security incidents is beneficial.

All applicants must be able to complete pre-employment onboarding requirements, which may include background checks, drug screening, and motor vehicle record searches, in compliance with applicable laws and regulations.

Certifications

Contact Compensation

Work Environment/Physical Demands

Contact Compensation

Competencies

Salary Plan

ITS: Information Technology Service

Job Grade

016

Black & Veatch is an Equal Employment Opportunity (EEO) employer. We do not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender identity and expression, disability, veteran status, pregnancy status, or any other protected status under law. By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment and provide innovative solutions for our clients.