Military Spouse Connection Jobs

Job Information

Insight Global Digital Forensics Incident Response Analyst in Chicago, Illinois

Job Description

* Performing rapid response and triage of security incidents, data breaches, malware infection, & other system compromises as escalated by the Cyber Defense Operations Center (CDOC)

* Perform containment & eradication by assessing the situation, containing threats, & eradicating them from affected systems

* Adhere to strict procedures for evidence collection, ensuring the integrity of digital evidence throughout the investigation (Chain of Custody)

* Facilitate communication and collaborate with internal teams, management, and external stakeholders to provide timely updates on incident progress

2. Support forensics & investigations on Windows, Mac, and Linux platforms as well as Cloud environments (AWS, GCP, Azure) and Microsoft 365

3. Demonstrate familiarity with security controls/tooling used by TransUnion in an IR capacity, such as:

* Splunk and Elasticsearch

* Splunk SOAR (For case management)

* Endpoint: Microsoft Defender for Endpoint, CrowdStrike, Wazuh, & Tanium

* Network: Netskope SWG and CASB, Palo Alto IPS, CloudFlare WAF, Extrahop, & NetWitness

* IAM: Azure AD

4. Demonstrate and provide in-depth knowledge of Threat Actor tactics, techniques, and procedures (TTPs), log analysis, network traffic analysis, and analysis of system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise

5. Provide forensic tool expertise with proficiency in using software such as Magnet Forensics, Joe Sandbox, IDA Pro, and/or Wireshark

6. Support Malware Analysis to understand its behavior and impact as well as identifying indicators of compromise (IOCs)

7. Document investigative findings in a manner aligned with TU Processes & DFIR best practices

8. Support Incident Reporting for management, legal, and regulatory purposes

9. Organize, perform, and support Cybersecurity tabletop exercises

10. When not addressing an active IR Investigation:

* Lead & assist with IR process workflow improvements

* Lead & assist with Threat Hunting activities to identify unknown threats and posture gaps

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .
