Information Systems Incident Response Analyst

Company / Location Information

Water technology is one of the fastest-growing industries in the world. As a leading global water technology company, A. O. Smith Corporation (NYSE: AOS) is at the center of the trend. We are a $4 billion company with over 140 years of history and 12,000+ employees. Our emphasis is on hot water and clean water; we are one of the world’s largest manufacturers of residential and commercial water heating equipment as well as a supplier of water purification products in a number of emerging countries.

With manufacturing operations in the United States, Canada, Mexico, China, India, and Europe, we have the reach to serve customers worldwide.

A.O. Smith is committed to continuous improvement and maintaining a culture that values and respects our employees. Recognized by The Tennessean as one of the top Nashville area Workplaces, we have programs in place to help our team members achieve their potential. When you join our team, you will receive rewards and recognition for your contributions, training and professional development opportunities, as well as a variety of benefits to support you and your family's health, well-being, and financial future. If you are inspired to learn, take risks, and succeed as a team, you can build an amazing career at A. O. Smith

This role is located in our modern Nashville Metro Center office, located just minutes from downtown with easy interstate access and free parking.

This role is eligible for a remote work schedule of up to two days remote work per week. New employees are eligible to apply after successfully completing their initial 90 days of employment and training.

Primary Function

The Information Security Incident Response & Digital Forensics Analyst is responsible for monitoring, investigating and responding to security events. The analyst role receives, researches, triages and documents security events and alerts as they are received. This role partners closely with multiple functions in the IT organization, as well as other internal business units and external partners. The analyst role will incorporate threat intelligence into monitoring and incident response activities and is expected to hunt for potential compromise across the infrastructure.  The role will conduct forensic examinations through collection, processing, analysis and preservation of digital data. The ideal candidate will be able to provide clear, concise communication to explain technical topics capable of being understood by business leaders as required.

This role reports to the information security incident response and digital forensics manager and is an involved member of the team. This role must display an in-depth understanding of new trends and technologies related to IT security and compliance and contribute to the company IT security strategy and roadmap.  

Responsibilities

• Investigate, contain, and document events to mitigate security incidents and the emergence of new threats.
• Perform threat and vulnerability research across event data collected by systems.
• Work alongside other security team members to hunt for and identify security issues generated from the network, including third-party relationships.
• Execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show improvement progress.
• Partner with the Security engineering team to leverage automation and orchestration solutions to automate repetitive tasks.
• Conduct forensic examinations that include collection, preservation and analysis of data and systems.
• Maintain collection, storage and preservation of evidence following strict control and chain of custody.
• Document case notes and communicate analysis from initial investigation through closure and post-mortem.
• Researching new attack vectors and developing threat models

Qualifications

• Bachelor’s Degree in Computer Science, Information Technology, or related field.

• 3+ years of information security monitoring and response or related experience.

• Experience working with MxDR providers, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), digital forensic tools, DLP and other network and system monitoring tools.

• Understand attacker tactics, techniques and procedures to aid in discovery and analysis.

• Excellent written and verbal communication skills.

PREFERRED QUALIFICATIONS

• Preferable, but not required, to have one or more of the following: GCFE, GREM, GCIH, EnCE, MCFE

We Offer

Competitive compensation package and comprehensive benefits plans which include medical and dental insurance, company-sponsored life insurance, retirement security savings plan, short- and long-term disability programs and tuition assistance.

This role is eligible for a remote work schedule of up to two days remote work per week. New employees are eligible to apply after successfully completing their initial 90 days of employment and training.