Note: The job is a remote job and is open to candidates in USA. Donnelley Financial Solutions (DFIN) is a values-driven organization committed to employee well-being and professional growth. The Senior Cyber Threat Analyst will lead the investigation of cybersecurity incidents, acting as a subject matter expert in incident response, threat hunting, and forensics while mentoring other analysts.
Responsibilities
- Lead incident response activities to identify, assess, contain, mitigate all observed threats and document all investigational efforts for multiple audiences
- Develop and operationalize incident response runbooks with an emphasis on automation and ability to measure incident response effectiveness (Develop/track KPIs)
- Document and track incident response investigations, including observed IOCs and TTPs, system(s) impacted, criticality and scope of any data exposure, lessons learned, follow-up items
- Act as a liaison between a diverse group of teams including engineering, security, and network & system operations to ensure effective adoption of incident response requirements and operational considerations
- Act as incident manager for all declared cyber security incidents
- Conduct traditional forensic and data acquisition activities utilizing industry standard commercial and open-source toolsets
- Identify, analyze, and interpret trends or patterns in complex data sets
- Work with the functional business areas as needed during incident response investigations
- Develop, customize, and maintain reporting around key metrics related to investigational and threat hunting activities
- Serve as a trusted advisor to the team Lead, Manger, and the SVP, and CISO on sensitive matters warranting confidentiality
- Communicate and present issues/investigation results to peer and executive-level audiences
- Demonstrate subject matter expertise across most technology domains
- Perform other duties as assigned
Skills
- Bachelor's degree with 8+ years of relevant experience or 10+ years of equivalent experience through work and education
- 8+ years of cybersecurity investigation and incident response experience
- Strong understanding of operating systems (Windows, macOS, Linux, Unix, mobile)
- Experience investigating incidents in cloud environments (SaaS, PaaS, and other cloud platforms)
- Security certifications (e.g., CISSP, GSEC, GCFA, GCFE)
- Strong analytical and problem-solving skills
- Knowledge across cybersecurity domains, including firewalls, IDS, and network security platforms
- Experience leveraging threat intelligence in security operations
- Advanced knowledge of cyber attack techniques and mitigation strategies
- Ability to assess risk using qualitative and quantitative methods
- Strong communication skills for technical and leadership audiences
- Proven ability to handle confidential data and follow procedures
- Ability to perform effectively in fast-paced, high-pressure environments
- Expertise in incident response, digital forensics, network traffic, log, and malware analysis
- Familiarity with MITRE ATT&CK and ATLAS frameworks
- Experience with SIEM, SOAR, and EDR tools for detection and response
Benefits
- Competitive compensation
- A flexible workplace
- Comprehensive benefits
- Opportunities for professional growth
Company Overview
Company H1B Sponsorship