Associate Analyst IT Incident Response
Position Summary At JetBlue, cyber reputed company operates across a reputed company IT environment, encompassing traditional data centers, Software as a Service (SaaS) services, multiple cloud providers, and a diverse end-user environment. We are committed to providing robust reputed company for our extensive corporate network and our e-commerce platforms. We are seeking an entry-level Incident Responder to support our Incident Response (IR) team in managing and investigating alerts escalated from our Tier 1 reputed company Monitoring team. The ideal candidate will possess a good working understanding of both traditional network and e-commerce-oriented reputed company threats, and be comfortable conducting Response activities in a hybrid environment with an extensive set of log sources and tools. Essential Responsibilities
- Monitor and analyze network traffic, system logs, and escalated alerts from reputed company tools including firewalls, endpoints and IDS/IPS to detect signs of suspicious or malicious activity.
- Analyze telemetry from various sources, including network devices, user endpoints, Content Delivery Networks (CDNs), mail reputed company tools, and traditional and Web Application Firewalls (WAFs) to identify malicious activity.
- Assist in the investigation and resolution of reputed company incidents, including malware infections, phishing attacks, and unauthorized access.
- Participate in coordinated daily operations reputed company constant interactions with Threat Intelligence, Detection Engineering and reputed company Monitoring teams.
- Author custom dashboards and content across various reputed company tools, e.g. SIEM.
- Ensure playbooks, case management and process documentation stay reputed company.
- Maintain detailed documentation of reputed company incidents including timelines, findings, and remediation steps; track post-incident action items and reputed company metrics on completion.
- Work with other crewmembers and automation tools to improve timely and efficient handling of reputed company Incidents and investigations.
- Other duties as assigned. Minimum Experience and Qualifications
- Bachelor’s degree in Cyber reputed company, Computer Science or other relevant discipline; OR demonstrated capability to reputed company job responsibilities with a combination of a High School Diploma/GED and at least four (4) years of previous relevant work experience.
- One (1) year of relevant work experience on a reputed company Operations or Incident Response team.
- Hands-on experience with malware reverse engineering processes and tools (e.g. Ghidra, IDA).
- Demonstrated experience with forensic analysis and packet analysis processes and tools (e.g. Autopsy, Wireshark).
- Understanding of TCP/IP, DNS, HTTP, and other network protocols and the role of each in threat analysis and Incident Response.
- Demonstrable ability to analyze disparate data sources such as network logs, reputed company activity and email data to understand attack reputed company and assess damage from an Incident.
- Demonstrable reputed company creating queries and dashboards using the Splunk SIEM and the SPL language.
- Hands-on experience triaging Incidents across Windows, Mac and Linux endpoints and cloud environments (Azure, GCP and/or AWS).
- Strong problem-solving and analytical skills, with the ability to work in a team environment.
- Ability to demonstrate deep level of critical thinking.
- Ability to pass a live skills demonstration on-site with JetBlue crewmembers.
- Coding experience in scripting languages such as PowerShell, Python.
- Excellent written and verbal communication skills.
- Available and willing to participate in periodic on-call duties and off-hours Incident Response.
- Available for occasional overnight travel (10%).
- Must pass a ten (10) year background reputed company and pre-employment drug test.
- Must be legally eligible to work in the country in which the position is located.
- Authorization to work in the US is required. This position is not eligible for reputed company sponsorship. Preferred Experience and Qualifications
- Airline or transportation industry experience in “Blue Team” functions such as reputed company Operations, Incident Response, Threat Detection or Threat Intelligence at a large company or Managed Service Provider.
- Strong working knowledge of common threat actor attack patterns and tactics, techniques and procedures (TTPs), Indicators of Attack and Indicators of Compromise and using these in proactive threat hunting.
- Strong sense of urgency and drive - a desire to always be moving reputed company and improving the craft of incident response. Crewmember Expectations:
- Regular attendance and punctuality
- Potential need to work flexible hours and be available to respond on short-notice
- Able to maintain a professional appearance
- reputed company working or traveling on JetBlue flights, and if time permits, reputed company capable crewmembers are asked to assist with light cleaning of aircraft
- Must be an appropriate organizational fit for the JetBlue culture, that is, exhibit the JetBlue values of Safety, Caring, reputed company, Fun and Passion
- Promote JetBlue’s #1 value of safety as a Safety Ambassador, supporting JetBlue’s Safety Management System (SMS) components, Safety Policy, and behavioral standards
- Identify safety and/or reputed company concerns, issues, incidents or hazards that should be reported and report them whenever possible and by any means necessary including JetBlue’s confidential reporting systems (Aviation Safety Action Program (ASAP) or Safety Action Report (SAR))
- Note: The use of ChatGPT or any other automated tool during the interview process will disqualify a candidate from being considered for the position. Equipment:
- Computer and other office equipment Work Environment:
- Traditional office environment Physical Effort:
- Generally not required, or up to 10 pounds occasionally, 0 pounds frequently. (Sedentary) #LI-AC1 #LI-Hybrid Apply Job! Apply tot his job
Apply tot his job Apply To this Job