Position Details
Position Information
| Recruitment/Posting Title |
Senior Incident Response Analyst |
| Job Category |
Staff & Executive - Information Technology |
| Department |
VP for Information Technology |
| Overview |
Rutgers, The State University of New Jersey, is a leading national research university and the State of New Jersey's preeminent, comprehensive public institution of higher education. As one of the largest employers in the State of New Jersey, Rutgers University is committed not only to the students and the State that we serve, but also to the faculty and staff who work on our campuses.
For two consecutive years, Rutgers is ranked on Forbes' list of America's Best Large Employers. Rutgers holds #64 of 500 employers and is the #1 New Jersey employer on the publication's 2023 list. Rutgers' commitment to its employees includes maintaining and fostering a safe, diverse, and respectful workplace environment, creating employment opportunities for our nation's military veterans, and ensuring accessibility and accommodation for individuals with disabilities. |
| Posting Summary |
Rutgers, The State University of New Jersey, is seeking a Senior Incident Response Analyst for the Office of Information Technology (
OIT). Reporting to the Information Technology Manager, the Senior Incident Response Analyst is expected to perform daily operations of the incident detection and response program, which includes finding evidence of threats or suspicious behavior and leveraging data to improve controls and processes as well as monitoring of information security incidents throughout Rutgers' computing environment.
Among the key duties of this position are the following:
- Serves as an escalation point for Incident Response Analysts and provide expert-level analytic, investigative and forensic support of complex security incidents to detect and remediate security threats on networks, workstations, servers, and other connected devices.
- Provides expert level advice and services to business units throughout the University while participating in all phases of Rutgers' Integrated Incident Response Program (Prepare, Detect & Analyze, Contain, Eradicate, Recovery, Report, Remediate).
- Hunts for indicators of compromise, APTs, or other threats within the environment, utilizing SIEM data, available cybersecurity tools and datasets.
- Creates, recommends, and assists with the development of new security content, including alerts, dashboards, playbooks, reports, and responses.
- Research new threats as they emerge to understand trends and TTP's of the current cybersecurity landscape and use that data to enhance Rutgers' detection capabilities.
- Ingests response information and data from incident writeups, malware reports, and other technical documentation to continuously improve processes, develop more efficient operations, and spawn additional hunting opportunities.
- Handles other duties as assigned.
- Serves as an escalation point for Incident Response Analysts and student-workers.
- Provides analytic, investigative, and forensic support of complex security incidents.
- Performs analysis of security incidents for further enhancement of alerts, dashboards, playbooks, reports, and responses.
- Adheres to and leads in the development of documentation policies, standards, procedures and security plans.
- Documents and presents the results of threat hunt analysis and detection, potential remediation, and recovery in an effective and consistent manner.
- Represent the Incident Detection and Response team in key relationships within the Information Security Office (Risk, Security Operations, and Compliance) and in other areas of the University such as Network Operations and Enterprise Infrastructure as necessary.
- Provides communications about any issues, problems, or plans that are informative, clear, concise and timely.
- Maintains familiarity with the NIST Cybersecurity Framework, HIPAA, PCI, FISMA, GLBA and other Information Security regulations.
- Stays current on security trends by attending appropriate training and/or seminars.
- Interacts with co-workers, visitors, and other staff consistent with Rutgers' values.
- Leads projects and initiatives to achieve the objectives of the Information Security Office.
- Identify services, practices and procedures that need improvement.
|
| Position Status |
Full Time |
| Hours Per Week |
|
| Daily Work Shift |
|
| Work Arrangement |
Consistent with the current application of Rutgers Policy 60.3.22 or the applicable provisions of relevant collective negotiations agreements, this position may be eligible for a hybrid work arrangement. Flexible work arrangements are not permanent, are subject to change or discontinuation, and contingent on the employee receiving approval in the FlexWork@RU Application System. |
| FLSA |
Exempt |
| Grade |
07 |
| Position Salary |
|
| Annual Minimum Salary |
104490.00 |
| Annual Mid Range Salary |
132183.00 |
| Annual Maximum Salary |
159875.00 |
| Standard Hours |
37.50 |
| Union Description |
Admin Assembly (MPSC) |
| Payroll Designation |
PeopleSoft |
| Benefits |
Rutgers offers a comprehensive benefit program to eligible employees. For details, please go to
http://uhr.rutgers.edu/benefits/benefits-overview. |
| Seniority Unit |
|
| Terms of Appointment |
Staff - 12 month |
| Position Pension Eligibility |
ABP |
Qualifications
| Minimum Education and Experience |
- A bachelor's degree or equivalent education and experience plus five years relevant experience in the following specialty areas:
- Information security experience; vulnerability scanning, penetration testing and/or security operations.
- Experience working in an enterprise technical environment, preferably in a customer-service based organization.
|
| Certifications/Licenses |
|
| Required Knowledge, Skills, and Abilities |
- Knowledge in a wide array of cybersecurity tools and their capabilities as they pertain to the detection and mitigation of Cyber Threats (SIEM, EDR, NGFW, DLP, IPS/IDS, etc.)
- Knowledge of industry standard cybersecurity frameworks (Mitre ATT&CK, NIST Incident Response, etc.)
- Understanding of complex enterprise networks to include routing, switching, firewalls and common networking protocols (HTTP, DNS, SMB, etc.)
- Experience with Regex and at least one common scripting language (PERL, Python, PowerShell)
- Experience with an enterprise SIEM platform
- Must demonstrate excellent verbal and written communication skills.
- Must be able to communicate technical problems succinctly and accurately.
- Must be able to handle multiple, shifting priorities and a large volume of technical problem resolution.
- Must quickly learn and be able to apply and document new technical knowledge and procedures.
- Must work well with peers and junior staff in a team oriented, cooperative spirit.
|
| Preferred Qualifications |
- Degree in a related field such as Information Security.
- Relevant certifications such as GSFA, GCIH (or other SANS certifications), CISSP, CEH, Security+, ITIL.
- Experience as a key member of a cybersecurity team (SOC, Incident Response, Threat Intel, Malware Analysis, Live Forensics, IDS/IPS Analysis).
- Knowledge of TTPs related to cyber-crime, malware, botnets, social engineering, APTs and other threats.
- Expertise in network and host-based analysis and investigation.
|
| Equipment Utilized |
- Vulnerability analysis/Penetration testing.
- Packet capture and Netflow.
- Firewalls/IPS/IDS/EDR.
- Syslog/SIEM/Dashboards & Alerting/SOAR.
- Threat hunting/Malware Analysis.
- Windows/Linux/macOS.
|
| Physical Demands and Work Environment |
- Must be able to lift up to 50 pounds for the purpose of moving computer equipment.
|
| Special Conditions |
|
Posting Details
| Posting Number |
25ST1016 |
| Posting Open Date |
05/07/2025 |
| Special Instructions to Applicants |
|
| Regional Campus |
Rutgers University-New Brunswick |
| Home Location Campus |
Rutgers University - New Brunswick |
| City |
New Brunswick |
| State |
NJ |
| Location Details |
|
Pre-employment Screenings
All offers of employment are contingent upon successful completion of all pre-employment screenings. Immunization Requirements
Under Policy 100.3.1 Immunization Policy for Covered Individuals, if employment will commence during Flu Season, Rutgers University may require certain prospective employees to provide proof that they are vaccinated against Seasonal Influenza for the current Flu Season, unless the University has granted the individual a medical or religious exemption. Additional infection control and safety policies may apply. Prospective employees should speak with their hiring manager to determine which policies apply to the role or position for which they are applying. Failure to provide proof of vaccination for any required vaccines or obtain a medical or religious exemption from the University will result in rescission of a candidate's offer of employment or disciplinary action up to and including termination. Affirmative Action/Equal Employment Opportunity Statement
It is university policy to provide equal employment opportunity to all its employees and applicants for employment regardless of their race, creed, color, national origin, age, ancestry, nationality, marital or domestic partnership or civil union status, sex, pregnancy, gender identity or expression, disability status, liability for military service, protected veteran status, affectional or sexual orientation, atypical cellular or blood trait, genetic information (including the refusal to submit to genetic testing), or any other category protected by law. As an institution, we value diversity of background and opinion, and prohibit discrimination or harassment on the basis of any legally protected class in the areas of hiring, recruitment, promotion, transfer, demotion, training, compensation, pay, fringe benefits, layoff, termination or any other terms and conditions of employment. For additional information please see the Non-Discrimination Statement at the following web address: http://uhr.rutgers.edu/non-discrimination-statement |
Rutgers University
May 07, 2025