Administrator, Incident Response at Carlyle Investment Management, LLC in Washington, Washington DC

Posted in Other 11 days ago.





Job Description:

Position Summary


The Incident Response Analyst plays a critical role in safeguarding sensitive financial data and systems from cyberattacks. This position requires a highly skilled and experienced security professional with a proven track record of performing security incident response activities.


The ideal candidate will possess a deep understanding of incident response methodologies and a strong technical skillset. They will be responsible for taking ownership of security incidents, performing response actions, and ensuring timely resolutions to minimize business disruption. This includes conducting investigations, analyzing evidence from various environments (cloud, network, endpoint), and implementing recovery plans.


This position will also be a champion for security automation. They will leverage scripting skills and API knowledge to automate integrations between security tools, streamlining incident response workflows. Furthermore, their understanding of cloud security best practices will be vital for identifying and mitigating cloud-based threats.


Beyond technical skills, this role demands excellent communication and collaboration. The Incident Response Analyst will work effectively with security teams, IT teams, and business stakeholders, keeping everyone informed and aligned throughout the incident response process. Additionally, they will thrive in a fast-paced environment, prioritizing tasks effectively, managing multiple incidents concurrently, and remaining calm under pressure.


This role offers a unique opportunity to work with cutting-edge security tools and technologies and collaborate with a dedicated team focused on a critical mission: securing the organization's IT infrastructure.



Responsibilities


60% of time




  • Responsible for analyzing, documenting, and responding to security events, and performing incident response.

  • This role will act as an escalation point from the managed service provider (Tier 1 SOC) for events that require further analysis and treatment.

  • Will work closely with the Security team and the Carlyle team at large in the resolution/containment of security incidents.

  • Will maintain the security incident response playbook. Will tag and annotate assets and IOCs in internal security tools.

  • Develops methods and analytics for detecting advanced threats.

  • Performs routine hunting exercises.



25% of time




  • Responsible for supporting security infrastructure.

  • Related tasking includes, among others, documentation, updating software, deploying new technologies, performing backups, scripting, submitting change requests, quality assurance testing, developing reports, and systems troubleshooting.



10% of time




  • Responsible for improving relevant knowledge, skills, and abilities through research, lab work, mentoring others, training, and other professional development activities.



5% of time




  • Provide reporting around project deliverables.




Qualifications



Education & Certificates





  • Bachelor's degree, or equivalent years of relevant experience, required.

  • Certifications in incident response (GCIH, SANS) or security (CISSP, CCSP).




Professional Experience





  • 5+ years of overall IT-related experience, required.

  • 3+ years of IT security operations and incident response experience, required.

  • Knowledge of financial services industry and alternative asset management strongly preferred.

  • In-depth knowledge of incident response methodologies (identify, contain, eradicate, recover, learn).

  • Proven ability to conduct investigations, analyze evidence, and identify root causes of security incidents.

  • Experience with digital forensics and evidence collection techniques in various environments (cloud, network, endpoint).

  • Experience with leveraging APIs to automate integrations between security tools.

  • Knowledge of cloud security best practices (IAM, encryption, logging).

  • Proficiency with security orchestration, automation and response (SOAR) platforms (Palo Alto Cortex XSOAR).

  • Proficiency with security information and event management (SIEM) tools (ELK Stack, Google Chronicle).

  • Proficiency with at least one major cloud platform (AWS, Azure).

  • Familiarity with Infrastructure as Code (IaC) tools (Terraform, CloudFormation).

  • Experience with scripting languages (Python, Bash, PowerShell) for automating incident response tasks.

  • Strong understanding of network security concepts (firewalls, intrusion detection/prevention systems).

  • Proficiency with endpoint security tools (antivirus, endpoint detection and response (EDR)).

  • Working knowledge of various operating systems (Windows, Linux, macOS).




Competencies & Attributes





  • Ability to prioritize tasks, manage multiple incidents concurrently, and work effectively under pressure.

  • Strong analytical and problem-solving skills to diagnose complex security incidents.

  • Excellent communication and collaboration skills to work effectively with security teams, IT teams, and business stakeholders.




Company Information


The Carlyle Group (NASDAQ: CG) is a global investment firm with $426 billion of assets under management and more than half of the AUM managed by women, across 586 investment vehicles as of December 31, 2023. Founded in 1987 in Washington, DC, Carlyle has grown into one of the world's largest and most successful investment firms, with more than 2,200 professionals operating in 28 offices in North America, Europe, the Middle East, Asia and Australia. Carlyle places an emphasis on development, retention and inclusion as supported by our internal processes and seven Employee Resource Groups (ERGs). Carlyle's purpose is to invest wisely and create value on behalf of its investors, which range from public and private pension funds to wealthy individuals and families to sovereign wealth funds, unions and corporations. Carlyle invests across three segments - Global Private Equity, Global Credit and Investment Solutions - and has expertise in various industries, including: aerospace, defense & government services, consumer & retail, energy, financial services, healthcare, industrial, real estate, technology & business services, telecommunications & media and transportation.


At Carlyle, we know that diverse teams perform better, so we seek to create a community where we continually exchange insights, embrace different perspectives and leverage diversity as a competitive advantage. That is why we are committed to growing and cultivating teams that include people with a variety of perspectives, people who provide unique lenses through which to view potential deals, support and run our business.