Sr. Security Risk Analyst - Incident Response - Remote

Job ID: 29181152928 | Location: Atlanta, Georgia | Position Type: Full-time

At the American Cancer Society, we're leading the fight for a world without cancer. Our employees and 1.5 million volunteers are raising the bar every single day. We actively seek candidates from diverse backgrounds including communities of color, the LGBTQ community, veterans, and people with disabilities. The greater the diversity of our people, the better we can serve our communities.

The people who work at the American Cancer Society focus their diverse talents on our lifesaving mission. It is a calling. And the people who answer it are fulfilled.

 

Position Description

This position is a remote role, open anywhere throughout the United States.

JOB SUMMARY

The Security Risk Analyst, Incident Response works as part of the Cybersecurity Services team and, at times, in an individual capacity. This role requires coordination of incident response (IR) activities across the enterprise and working closely with stakeholders and Cybersecurity Services team members. Additionally, individuals engage in suspected and confirmed incidents, which may vary in impact. This analyst will investigate, validate, and communicate known details about the incident and work closely with leadership.

Strong IR skills are required to excel in this role, given the complexity and evolution of internal and external threat actors. Technical and analytical skills are paramount, as well as the ability to communicate effectively with technical and nontechnical colleagues. This is a fast-paced role and one that involves the ability to read the room and adapt communication. The Security Risk Analyst, Incident Response will rely on factual and data-driven assessments and not lead with fear or assumptions. The ideal candidate is one who is highly technical but possesses some business acumen, having worked in security administration, incident response and security operations center (SOC) roles. Practical IR management and hands-on technology experience in security principles are required in this role.

MAJOR RESPONSIBILITIES

Incident Response:

  • Respond to and investigate internally and externally driven incidents. Response may need to occur off-hours and on a scheduled rotation.
  • Coordinate incidents including, but not limited to, ransomware, host compromise, credential and account compromise, phishing, internal threats, third parties, and data leakage.
  • Review events for anomalies and possible incidents.
  • Work closely with information security leadership and business stakeholders and as part of a team of responders.
  • Regularly lead and participate in incident response tabletop exercises designed to identify gaps, improve skills, enhance communication, and engage with key stakeholders.
  • Review technical reports from vulnerability and penetration testing assessments, as well as results from tabletop exercises to identify exposure to future incidents.
  • Refine, recommend, and maintain playbooks, policies, procedures and guidelines, and align with industry best practices.
  • Monitor performance of Incident Response services by defining and tracking key performance indicators and producing those reports regularly and as needed by leadership.
  • Liaise with threat hunting, infrastructure, IT, vulnerability management, threat intelligence and software engineering team members.
  • Document and communicate incident details from initial investigation through closure and post-mortem.
  • Maintain chain of custody and verify evidence is preserved and has not been tampered with.
  • Under management supervision and direction, communicate with legal and, when needed, external response firms and law enforcement.
  • Uphold professional accountability to remain educated on incident response skills and abilities.
  • Identify strengths and weaknesses in the program for team members to improve skills and knowledge base.
  • Openly support the organization, management, and executive leadership team, even during times of adversity.
  • Perform other duties as assigned.

 

Position Requirements

FORMAL KNOWLEDGE

  • Preferably 5+ years’ experience in security systems administration, and 3+ years in a security incident response or related role.
  • Understanding of threats and vulnerabilities, in addition to principles of IR and chain of custody.
  • Hands-on experience with forensic tools, log correlation and malware analysis solutions.
  • SIEM, threat intelligence platform, directory services, vulnerability management and endpoint configuration experience.
  • Knowledgeable about cloud services, third-party risk management and application security.
  • Bachelor’s or master’s degree in Computer Science, Information Systems, or another related field, or an equivalent combination of education and work experience.
  • 5+ years of relevant Information Technology (IT) experience. IT Security technical hands-on experience including vulnerability scanning, log management systems, Active Directory and Unix system security, Application Security, Security Information and Event Management (SIEM) Systems, asset and patch management systems, virtualization platform security, and securing of cloud security solutions.
  • Track record of acting with integrity, taking pride in work, seeking to excel, and being curious and flexible.
  • Experience with Cybersecurity Incident Response Process documentation.
  • Experience with IT Forensics processes and procedures a plus.
  • IT Security certifications a plus.
  • Knowledge of frameworks, NIST CSF, PCI-DSS, CIS Controls v8, or similar a plus.
  • Broad range of knowledge, including both technical and non-technical facets of IT internal controls and compliance, including logical and physical controls for applications, infrastructure, and e-Commerce.
  • Knowledge of industry best practices and standards for IT Security and Risk Management.

SPECIALIZED TRAINING OR KNOWLEDGE

Security certification such as Security+, CISSP, CISM, CRISC, or CISA desired.

The full compensation range established for this position begins at a minimum of $85,000 annually.* Actual starting pay may differ based on non-discriminatory factors including, but not limited to, geographic location, experience, skills, specialty, and education.

The American Cancer Society has adopted a vaccination policy that requires all staff, regardless of position or work location, to be fully vaccinated against COVID-19 (except where prohibited by state law).

ACS provides staff a generous paid time off policy; medical, dental, retirement benefits, wellness programs, and professional development programs to enhance staff skills. Further details on our benefits can be found on our careers site at: jobs.cancer.org/benefits. We are a proud equal opportunity employer.

Equal Opportunity Employer.

See our commitment to a policy of Equal Employment Opportunity to continually ensure equal opportunity to our employees and to our applicants.
