IT Incident Response Analyst

Starr Insurance Companies is a leading insurance and investment organization, providing commercial property and casualty insurance, including travel and accident coverage, to almost every imaginable business and industry in virtually every part of the world.
Cornelius Vander Starr established his first insurance company in Shanghai, China in 1919. Today, we are one of the world’s fastest growing insurance organizations, capable of writing in 128 countries on 6 continents.

Starr’s Information Security Team is seeking a candidate to join our Incident Response Team. Qualified candidates will possess a general understanding of the current cyber security threat types, attack methodologies, & the common controls & counter measures deployed to detect & defend against them. Candidates should be familiar with IR processes including documenting incident details, performing root cause, & lesson learned analysis.

Specific Skills & Responsibilities:

• Responsible carrying out daily monitoring & response security procedures
• Monitor IT Systems, Security alerting queues, & review daily reports
• Perform initial incident assessment, evidence gathering, & triage
• Escalate incidents, & participate in remediation efforts
• Provide feedback & recommendations for improvement of security controls & response procedures
• Communicates with peer Security/Operations teams & management with expected interactions with business users & vendors
• Assists with day-to-day security functions, respond to help tickets, requests for assistance with accessing Starr systems & software
• Splunk Log & Event Platform (basic query & report building)

Related & Desired Skills & Work experience:

• Bachelors Degree in Information Technology, Engineering, or a related field preferred but not required.
• 2 years working in the Information Technology or Computing Field preferred but years in other career paths considered. 
• Basic understanding of security defenses (anti-virus, firewalls, access controls)
• Basic understanding of types of attacks, exploits & methods used to compromise or damage computing systems & networks.
• Basic understanding of networking & internet communications
• Security+ or similar security certification a plus
• Experience with any of the following technologies greatly preferred:
  • Splunk Log & Event Platform (basic query & report building)
  • Network Access Control
  • Vulnerability Scanning
  • Advanced Detection & Response Endpoint Agents
  • Network Packet Capture & Event Analysis
  • Threat Intelligence Platforms
  • Microsoft Patching & Device Management Platforms
  • Experience with Splunk SOAR a plus
  • Experience with scripting, (batch, PowerShell, python, etc..) a plus

#LI-EP1

Starr is an equal opportunity employer, which means we'll consider all suitably qualified applicants regardless of gender identity or expression, ethnic origin, nationality, religion or beliefs, age, sexual orientation, disability status or any other protected characteristic. We recruit and develop our people based on merit and we're committed to creating an inclusive environment for all employees. We offer first class training and development opportunities to all employees. Our aim is to grow our own talent and bring out the best in people.