If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal.
This position is located at our Great West Center branch in Billings, MT.

What's Important to You
We know your career is just one aspect of a meaningful, complex, and demanding life. That's why we designed our compensation and benefits package to provide employees and their families with as much choice as possible.
- Generous Paid Time Off (PTO) in addition to paid federal holidays.
- Child Care Assistance Program for eligible dependent(s).
- Exercise reimbursement program for employees.
- The health and happiness of the places we call home matter to us. Learn a little more about what we do for the communities we serve and why we want YOU to be a part of it.
We encourage you to apply. Reach for what you want and tell us why your work ethic and willingness to learn make you a natural fit for #TeamFirstInterstate.

SUMMARY
The Incident Response Analyst in the computer security incident response team will be responsible for developing and executing standards, procedures and processes to uncover, resist and recover from security incidents.

ESSENTIAL DUTIES AND RESPONSIBILITIES
- Responds to computer security and data privacy incidents according to the computer security incident response policy and procedures.
- Provides technical guidance to first responders for handling cybersecurity incidents.
- Provides timely and relevant updates to appropriate stakeholders and decision makers.
- Communicates investigation findings to relevant business units to help improve the cybersecurity posture.
- Validates and maintains incident response plans and processes to address potential threats.
- Compiles and analyzes data for management reporting and metrics.
- Monitors relevant information sources (such as Twitter, LinkedIn and information sharing and analysis centers) to stay up to date on current attacks and trends.
- Analyzes potential impact of new threats and communicates risks back to detection engineering functions.
- Performs root-cause analysis to document findings and participates in root-cause elimination activities as required.
- Triages and assesses the risk of incidents, performing real-time analysis and managing workload during investigations/incidents.
- Creates runbooks for frequently occurring incidents to automate or at least assist with the resolution of those cases.
- Assists in developing and tracking key performance indicators (KPIs).
- Collects and documents incident details, timeline, mean time to detect (MTTD), mean time to respond (MTTR), actions taken, and lessons learned.
- Develops and conducts IT security-based tabletop exercises and documents outcomes and after-action reports to help teams improve response capabilities.
- Other duties as assigned.

QUALIFICATIONS
- Ability to work extremely well under pressure while maintaining a professional image and approach.
- Ability to perform independent analysis of complex problems and distill relevant findings and root causes.
- Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.
- Understands business needs and is committed to delivering high-quality, prompt and efficient service to the business.
- Understands the organizational mission, values and goals and applies this knowledge consistently.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- Ability to effectively influence others to modify their opinions, plans or behaviors.
- A team-focused mentality, with the proven ability to work effectively with diverse stakeholders.
- Strong problem-solving and troubleshooting skills.
- Familiarity with incident response frameworks and methodologies, including frameworks like NIST 800-61 and MITRE ATT&CK.

EDUCATION AND/OR EXPERIENCE
- Bachelor's Degree in Computer Science, Information Security or related field required.
- 4-6 years of experience in information security, focused on incident response or security operations center required.

LICENSES AND CERTIFICATIONS
- Certified Information Systems Security Professional (CISSP) preferred.
- Global Information Assurance Certification (GIAC) preferred.

PHYSICAL DEMANDS AND WORKING ENVIRONMENT
The physical demands and work environment are representative of those that must be met or encountered to successfully perform the essential functions of the job. In compliance with the Americans with Disabilities Act, the company provides reasonable accommodation to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer.
- Dexterity of hands/fingers to operate computer keyboard and mouse - Frequently
- Sitting - Frequently
- Standing - Occasionally
- Noise Level - Moderate
- Typical Work Hours - M-F (8-5)
- Regular and Predictable Attendance - Required