Senior Incident Response Analyst

:

Position Details

Position Information Recruitment/Posting Title Senior Incident Response Analyst Job Category Staff & Executive - Information Technology Department VP for Information Technology Overview Rutgers, The State University of New Jersey, is a leading national research university and the State of New Jersey's preeminent, comprehensive public institution of higher education. As one of the largest employers in the State of New Jersey, Rutgers University is committed not only to the students and the State that we serve, but also to the faculty and staff who work on our campuses. For two consecutive years, Rutgers is ranked on Forbes' list of America's Best Large Employers. Rutgers holds #64 of 500 employers and is the #1 New Jersey employer on the publication's 2023 list. Rutgers' commitment to its employees includes maintaining and fostering a safe, diverse, and respectful workplace environment, creating employment opportunities for our nation's military veterans, and ensuring accessibility and accommodation for individuals with disabilities. Posting Summary Rutgers, The State University of New Jersey, is seeking a Senior Incident Response Analyst for the Office of Information Technology (OIT). Reporting to the Information Technology Manager, the Senior Incident Response Analyst is expected to perform daily operations of the incident detection and response program, which includes finding evidence of threats or suspicious behavior and leveraging data to improve controls and processes as well as monitoring of information security incidents throughout Rutgers' computing environment. Among the key duties of this position are the following:

• Serves as an escalation point for Incident Response Analysts and provide expert-level analytic, investigative and forensic support of complex security incidents to detect and remediate security threats on networks, workstations, servers, and other connected devices.
• Provides expert level advice and services to business units throughout the University while participating in all phases of Rutgers' Integrated Incident Response Program (Prepare, Detect & Analyze, Contain, Eradicate, Recovery, Report, Remediate).
• Hunts for indicators of compromise, APTs, or other threats within the environment, utilizing SIEM data, available cybersecurity tools and datasets.
• Creates, recommends, and assists with the development of new security content, including alerts, dashboards, playbooks, reports, and responses.
• Research new threats as they emerge to understand trends and TTP's of the current cybersecurity landscape and use that data to enhance Rutgers' detection capabilities.
• Ingests response information and data from incident writeups, malware reports, and other technical documentation to continuously improve processes, develop more efficient operations, and spawn additional hunting opportunities.
• Handles other duties as assigned.
• Serves as an escalation point for Incident Response Analysts and student-workers.
• Provides analytic, investigative, and forensic support of complex security incidents.
• Performs analysis of security incidents for further enhancement of alerts, dashboards, playbooks, reports, and responses.
• Adheres to and leads in the development of documentation policies, standards, procedures and security plans.
• Documents and presents the results of threat hunt analysis and detection, potential remediation, and recovery in an effective and consistent manner.
• Represent the Incident Detection and Response team in key relationships within the Information Security Office (Risk, Security Operations, and Compliance) and in other areas of the University such as Network Operations and Enterprise Infrastructure as necessary.
• Provides communications about any issues, problems, or plans that are informative, clear, concise and timely.
• Maintains familiarity with the NIST Cybersecurity Framework, HIPAA, PCI, FISMA, GLBA and other Information Security regulations.
• Stays current on security trends by attending appropriate training and/or seminars.
• Interacts with co-workers, visitors, and other staff consistent with Rutgers' values.
• Leads projects and initiatives to achieve the objectives of the Information Security Office.
• Identify services, practices and procedures that need improvement.

FLSA Exempt Grade 07 Salary Details Minimum Salary 104490.00 Mid Range Salary 132183.00 Maximum Salary 159875.00 Offer Information The final salary offer may be determined by several factors, including, but not limited to, the candidate's qualifications, experience, and expertise, and availability of department or grant funds to support the position. We also take into consideration market benchmarks, if and when appropriate, and internal equity to ensure fair compensation relative to the university's broader compensation structure. We are committed to offering competitive and flexible compensation packages to attract and retain top talent. Benefits Rutgers offers a comprehensive benefits package to eligible employees, based on position, which includes:

• Medical, prescription drug, and dental coverage
• Paid vacation, holidays, and various leave programs
• Competitive retirement benefits, including defined contribution plans and voluntary tax-deferred savings options
• Employee and dependent educational benefits
• Life insurance coverage
• Employee discounts programs

For detailed information on benefits and eligibility, please visit: . Position Status Full Time Working Hours (per week) Standard Hours 37.50 Daily Work Shift Work Arrangement Consistent with the current application of Rutgers Policy 60.3.22 or the applicable provisions of relevant collective negotiations agreements, this position may be eligible for a hybrid work arrangement. Flexible work arrangements are not permanent, are subject to change or discontinuation, and contingent on the employee receiving approval in the FlexWork@RU Application System. Union Description Admin Assembly (MPSC) Payroll Designation PeopleSoft Seniority Unit Terms of Appointment Staff - 12 month Position Pension Eligibility ABP Qualifications Minimum Education and Experience

• A bachelor's degree or equivalent education and experience plus five years relevant experience in the following specialty areas:
  • Information security experience; vulnerability scanning, penetration testing and/or security operations.
  • Experience working in an enterprise technical environment, preferably in a customer-service based organization.

Certifications/Licenses Required Knowledge, Skills, and Abilities

• Knowledge in a wide array of cybersecurity tools and their capabilities as they pertain to the detection and mitigation of Cyber Threats (SIEM, EDR, NGFW, DLP, IPS/IDS, etc.)
• Knowledge of industry standard cybersecurity frameworks (Mitre ATT&CK, NIST Incident Response, etc.)
• Understanding of complex enterprise networks to include routing, switching, firewalls and common networking protocols ( DNS, SMB, etc.)
• Experience with Regex and at least one common scripting language (PERL, Python, PowerShell)
• Experience with an enterprise SIEM platform
• Must demonstrate excellent verbal and written communication skills.
• Must be able to communicate technical problems succinctly and accurately.
• Must be able to handle multiple, shifting priorities and a large volume of technical problem resolution.
• Must quickly learn and be able to apply and document new technical knowledge and procedures.
• Must work well with peers and junior staff in a team oriented, cooperative spirit.

Preferred Qualifications

• Degree in a related field such as Information Security.
• Relevant certifications such as GSFA, GCIH (or other SANS certifications), CISSP, CEH, Security+, ITIL.
• Experience as a key member of a cybersecurity team (SOC, Incident Response, Threat Intel, Malware Analysis, Live Forensics, IDS/IPS Analysis).
• Knowledge of TTPs related to cyber-crime, malware, botnets, social engineering, APTs and other threats.
• Expertise in network and host-based analysis and investigation.

Equipment Utilized

• Vulnerability analysis/Penetration testing.
• Packet capture and Netflow.
• Firewalls/IPS/IDS/EDR.
• Syslog/SIEM/Dashboards & Alerting/SOAR.
• Threat hunting/Malware Analysis.
• Windows/Linux/macOS.

Physical Demands and Work Environment

• Must be able to lift up to 50 pounds for the purpose of moving computer equipment.

Special Conditions Posting Details Posting Number 25ST1016 Posting Open Date 05/07/2025 Special Instructions to Applicants Regional Campus Rutgers University-New Brunswick Home Location Campus Rutgers University - New Brunswick City New Brunswick State NJ Location Details Pre-employment Screenings All offers of employment are contingent upon successful completion of all pre-employment screenings. Immunization Requirements

Under Policy 100.3.1 Immunization Policy for Covered Individuals, if employment will commence during Flu Season, Rutgers University may require certain prospective employees to provide proof that they are vaccinated against Seasonal Influenza for the current Flu Season, unless the University has granted the individual a medical or religious exemption. Additional infection control and safety policies may apply. Prospective employees should speak with their hiring manager to determine which policies apply to the role or position for which they are applying. Failure to provide proof of vaccination for any required vaccines or obtain a medical or religious exemption from the University will result in rescission of a candidate's offer of employment or disciplinary action up to and including termination.