Eaton has an opening for a Lead, Incident Response Analyst in the Architecture, Governance & Security Center of Excellence (AGSCoE). The Lead, Incident Response Analyst role will be located at Eaton Center in Beachwood, Ohio.
The Lead, Incident Response Analyst will be responsible for identifying, analyzing and responding to cyber threats as part of Eaton's Cyber Security Incident Response Team (CSIRT). This analyst will play a leadership role in the Prevent, Detect, Respond strategy to protect Eaton's intellectual property and brand in a highly complex, global, multi-technology, regulated and diversified business environment.
The Lead, Incident Response Analyst must understand CSIRT functions and participate in threat analysis, escalation, and remediation at an incident or threat level, including:
- Administer/manage technical systems per prescribed procedures
- Execute ITSM processes (Change, Request, Incident, Problem management) on technical IT systems at the component level
- Analyze network, end-point, application, and identity data for signs of malicious activity
- Conduct non-signature-based detection of malicious activity
- Perform end-point sweeps for Indicators of Compromise
- Develop, refine, and maintain incident and event rules to focus detection operations
- Escalate incidents as defined in the established operating procedures
- Perform daily response operations with a schedule that may involve nontraditional working hours
- Develop and refine operating procedures to improve efficiency and effectiveness of incident response
- Execute project tasks to enhance CSIRT capabilities
- Collaborate with Security Operations and the L1 SOC to improve prevention and detection methods
- Coordinate and execute activities to eliminate malware and advanced persistent threats within a remediation event
Enabling Actions:
- Log and registry analysis
- Task-level system administration
- System monitoring
- Threat and vector analysis
- Task estimation and scheduling
- Creating technical documentation and standard operating procedures
- Designing remediation plan activities
- Raising awareness and providing training to end users
- Responsibility for technical delivery of assigned vendors and junior developers
- Technical mentoring of junior analysts
- Providing guidance for contractor resources
- Participating in evaluation and benchmarking of new tools/modules (technologies)
- Participating in remediation of advanced persistent threats
Qualifications
Basic Qualifications:
- Bachelor's degree from an accredited institution
- Minimum 3 years of IT experience required
- No relocation offered; candidate must reside within 50 miles of Eaton Center, Beachwood, OH site
- Candidates must be authorized to work in the US on a continuous basis without company sponsorship
- This position requires use of information or access to hardware which is subject to the International Traffic in Arms Regulations (ITAR). All applicants must be U.S. persons within the meaning of ITAR. ITAR defines a U.S. person as a U.S. Citizen, U.S. Permanent Resident (i.e. 'Green Card Holder'), Political Asylee, or Refugee
Position Criteria
- 3 years in cyber security with exposure to forensics, advanced threat or malware remediation
- Strong analytical and problem-solving skills
- Broad understanding of Information Security with relevant work experience and/or relevant certifications.
- Solid understanding of common threats, penetration/intrusion techniques and attack vectors.
- Working knowledge of a broad range of current IT platforms and technologies.
Preferred Qualifications:
- Bachelor's degree in a technical discipline such as: B.E / BTech / MCA / Equivalent (EITC) or B.S. Comp Sci / Mathematics / Engineering / Equivalent
- 2+ years of experience in creating customized detection signatures and alerts for enterprise monitoring tools.
- 2+ years of experience in correlating events from multiple sources to detect suspicious and/or malicious activity.