Orion Innovation is a premier, award-winning, global business and technology services firm. Orion delivers game-changing business transformation and product development rooted in digital strategy, experience design, and engineering, with a unique combination of agility, scale, and maturity. We work with a wide range of clients across many industries including financial services, professional services, telecommunications and media, consumer products, automotive, industrial automation, professional sports and entertainment, life sciences, ecommerce, and education.
Job Description:
We are seeking a highly skilled Principal Incident Response Analyst to enhance our cybersecurity response capabilities in a Managed Security operations environment. The ideal candidate will have extensive experience in handling and resolving complex security incidents, with a strong background in Managed Detection and Response (MDR) and Managed SIEM environments. This role demands a hands-on approach to incident response, strong analytical skills, and effective communication with cross-functional teams.
Key Responsibilities:
- Lead the response to complex security incidents, ensuring timely identification, analysis, and resolution.
- Manage the daily operations of incident response, including the analysis of security alerts and the coordination of necessary response actions.
- Utilize Managed SIEM and EDR solutions to effectively detect and respond to security threats, with a preference for expertise in IBM QRadar and Microsoft SentinelOne.
- Collaborate with SOC analysts to refine SIEM rules, alerts, and correlation logic to enhance threat detection capabilities.
- Support the ingestion and analysis of logs from various systems and applications into the SIEM platform to improve incident analysis.
- Develop and refine incident response strategies, policies, and procedures to bolster the organization's security posture.
- Monitor and analyze security events and incidents, ensuring comprehensive investigations and effective mitigations of potential threats.
- Work closely with IT, Legal, and Risk Management teams to ensure cohesive incident response strategies and clear communication during and after incidents.
- Drive continuous improvement of incident response processes and procedures to optimize efficiency and effectiveness.
- Engage in Threat Intelligence and Threat Hunting activities to proactively identify and mitigate emerging security threats.
- Build and maintain relationships with external partners, vendors, and industry peers to keep abreast of emerging threats, best practices, and new technologies.
- Conduct assessments and audits of incident response activities and systems to identify improvement opportunities and ensure regulatory compliance.
- Develop and deliver detailed reports on incident trends, response times, and the effectiveness of incident management.
- Stay informed about the evolving cybersecurity landscape, including emerging threats and industry standards, to recommend proactive security measures.
Qualifications:
- Proven experience (10+ years) in Managed security operations and incident response, preferably in a leading role.
- Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
- In-depth knowledge of incident response methodologies and security technologies (SIEM, IDS/IPS, EDR, etc.).
- Strong understanding of TCP/IP protocols, network segmentation, VPNs, and firewall configuration.
- Experience with Threat Intelligence, Threat Hunting, Vulnerability Management, and risk assessment frameworks.
- Expertise in developing and refining SIEM rules, alerts, and correlation logic.
- Ability to manage multiple security incidents in a fast-paced, dynamic environment.
- Exceptional problem-solving and decision-making skills, with a proactive and results-driven mindset.
- Excellent communication skills, capable of discussing complex security issues with both technical and non-technical stakeholders.
- Relevant certifications such as CISSP, CISM, GCIH, GNFA or GIAC are highly desirable.
Orion is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, citizenship status, disability status, genetic information, protected veteran status, or any other characteristic protected by law.
Candidate Privacy Policy
Orion Systems Integrators, LLC and its subsidiaries and its affiliates (collectively, “Orion,” “we” or “us”) are committed to protecting your privacy. This Candidate Privacy Policy (orioninc.com) (“Notice”) explains:
- What information we collect during our application and recruitment process and why we collect it;
- How we handle that information; and
- How to access and update that information.
Your use of Orion services is governed by any applicable terms in this notice and our general Privacy Policy.
Top Skills
What We Do
Orion is a leading digital transformation and product development services firm. Headquartered in Edison, NJ, we have a global team of 6,200+ associates, with engineers in 14 major delivery centers across North America, Europe, Asia Pacific and Latin America.
For over 25 years, Orion has been solving complex business problems for our clients. Our transformative business solutions are rooted in digital strategy, experience design, and engineering, empowering our clients to operate with agility at scale.
Our mission is to serve as an agile and trusted partner for business transformation initiatives, providing deep emerging technology, experience design, and domain expertise.
Our business has more than tripled over the last three years.
We have grown aggressively both organically and inorganically, adding new clients, complementary skills, domain expertise, and strengthening our global footprint.