Cyber Security Incident Response

Sorry, this job was removed at 11:29 a.m. (EST) on Thursday, January 17, 2019

Company Overview

Founded in 1978, Copyright Clearance Center (CCC) is a global company that clears the path to integrated data and information, accelerates knowledge and advances copyright. We build solutions that combine licensing, content, software and professional services to advance the way people integrate, access and share information. CCC manages 950+ million individual rights to works in all formats for companies with employees in over 180 countries, and has distributed over $1.7B to rightsholders in the past 10 years. For over a half dozen years, the company has been named to Content Magazine’s Top 100 list of Companies That Matter Most in the digital content industry. It was named by the Boston Globe as one of the Top 100 Women-led businesses in Massachusetts.

Advancing copyright. Accelerating knowledge. Powering innovation.

Job Summary

The Cyber Security Incident Response Analyst should have a strong passion and high motivation for a career in Cyber Security. This position requires experience in a SOC analyst and incident response role. The position is directly responsible for providing incident coordination, investigation and forensic analysis as well as identification and remediation efforts.

Responsibilities and Duties

  • Respond to threats as part of the Global Cybersecurity Incident Response Team by conducting advanced computer and network forensic investigations.
  • Operate security products and tools to continuously monitor threats and detect anomalies that could indicate malicious Cyber behavior. Develop and execute a hands-on hunting program across our cloud systems.
  • Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities in support of analyzing critical security events affecting the firm’s networks.
  • Formulate from either Cyber Threat Intel or internal security analysis indicators of compromise (IOCs) that can be applied to enhance our Cyber protection posture.
  • Analyze Cyber Security alerts from various sources including our SaaS products and triage these alerts and vulnerabilities.
  • Perform deep-dive log analysis, scanning through data for possible evidence of attacks and intrusions.

Qualifications and Skills

  • Minimum of 2 years of experience working in a Security Operations Center functioning in a Security Analysis or Incident Response capacity.
  • This role requires experience in effective communication of event details and technical analysis to management.
  • The ideal candidate will have a technical background with experience in an enterprise environment with the following:
    • Experience in log analysis and security event correlation.
    • 2+ years with forensic tools conducting Cyber investigations.
    • Experience in a programming language.
    • Understanding of regular expressions in a scripting capacity such as Ruby, Python, and any UNIX Shell.
    • Understanding of database structure and queries.
    • Knowledge of standard network commands (e.g., ping, traceroute, nslookup).
    • Basic understanding of network services, vulnerabilities and attacks including TTP of threat actors.
    • Skilled in conducting vulnerability scans and recognizing vulnerabilities in security systems.
    • Understanding and proper implementation of YARA rules for use with indicators of compromise [IOCs].
    • Experience with secdevops, Cloud Networks and Cloud Active Defenses.
    • Knowledge of Intrusion Detection System (IDS) tools and applications.
  • Knowledge of how to troubleshoot basic systems and identify operating systems-related issues. Proficiency with log analysis and ability to correlate significant data during an incident.
    • Knowledge of Windows/Unix ports, services and operating system theory.
    • Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs).
  • 2+ years experience in creating and maintaining policies for SIEM, Anti-Virus, email security, outbound data loss prevention, privacy protection, email encryption, malware prevention, IDS, IPS, and firewalls.
  • Proficiency with Security Compliance and Procedures such as PCI, ISO, and SOC II.
  • Bachelor’s Degree or Equivalent Work Experience. (GCIH, GCFA, or GREM a plus.)

Location

222 Rosewood Drive, Danvers, MA 01923
