**Overview:**
Founded in 1951, Iron Mountain Incorporated (NYSE: IRM) is the global leader in storage and information management services. Iron Mountain is committed to storing, managing and transforming what our customers value most, from paper records to data to priceless works of art and culture. Providing a full suite of solutions – records and information management, data management, digital solutions, data centers and secure destruction – Iron Mountain enables organizations to lower storage costs, comply with regulations, recover from disaster, and protect their data and assets from a complex world. Visit the company website at www.ironmountain.com for more information.
Iron Mountain enables 94% of the Fortune 1000 to smartly and securely manage their physical and digital information assets. With unmatched innovation and collaboration, our teams create information management solutions for our customers’ data, no matter what format, location or lifecycle stage it’s in and no matter where it’s kept. We are more than 17,000 people strong and growing. We’ve been a trusted records management leader since 1951.
Iron Mountain is an equal opportunity employer, and does not unlawfully discriminate on the basis of race, color, religion, sex, national origin, marital status, age, sexual orientation, gender identity characteristics or expression, disability, medical condition, U.S. Military or veteran status or other legally protected classifications in making employment decisions.
Iron Mountain Canada is an employer broadly committed to providing an inclusive work environment that welcomes all people. Globally, we believe it is our diversity that contributes to our companies’ shared success. We work hard always to avoid discriminating on any grounds other than capability to perform the requirements of the job.
**Responsibilities:**
The Computer Security Incident Response Team (CSIRT) is responsible for investigating and reporting of information security incidents across the global enterprise. The team coordinates with IT, Legal, Security, Human Resources, Marketing, Communications, and other appropriate business units to gather incident details, assess impact, and coordinate response.The Computer Security Incident Response Analyst reports to the CSIRT Manager and will be responsible for conducting escalated investigations into information security incidents across the enterprise. The CSIRT analysts will be charged with working information security incidents to full resolution from incident identification through incident resolution.The CSIRT Analyst will operate as part of a new Iron Mountain Global Security Operations Center (GSOC) and will have the opportunity to contribute to a highly visible information security operations function with accountability for managing internal and external security incidents.
_Incident Response_
+ Lead security incidents according to the Security Incident Response Policy.
+ Provide guidance to first responders for handling information security incidents.
+ Coordinate efforts among multiple business units during response.
+ Provide timely and relevant updates to appropriate stakeholders and decision makers.
+ Provide investigation findings to relevant business units to help improve information security posture.
+ Validate and maintain incident response plan and processes to address potential threats.
+ Compile and analyze data for management reporting and metrics.
_Threat Management_
+ Monitor information security related Web sites (US-CERT, SANS Internet Storm Center, etc.) and mailing lists (SANS NewsBites, etc.) to stay up to date on current attacks and trends.
+ Analyze potential impact of new threats and exploits and communicate risks to relevant business units.
**Qualifications:**
_Qualifications_
+ Three or more years of technical experience in the information security field
+ Three or more years of practical experience in an incident response role
+ Advanced knowledge of information systems security concepts and technologies; SIEM technologies; network architecture; general database concepts; document management; hardware and software troubleshooting; intrusion tools; malware remediation; and computer forensic tools such as EnCase and open source alternatives
+ Familiarity with security regulatory requirements and standards (such as PCI, HIPPA, FFIEC, etc.)
+ Advanced knowledge and experience with the Windows and Linux operating systems
+ Working knowledge of and experience in investigating malicious code
_Demonstrated ability to apply technical and analytical skills in a security environment_
+ Ability to work extremely well under pressure while maintaining a professional image and approach
+ Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause
+ Strong analytical writing skills to articulate complex ideas clearly and effectively; experience creating and presenting documentation and management reports
+ Team player with proven ability to work effectively with other business units, IT management and staff, vendors, and consultants
+ Strong communication skills such as planning and leading effective meetings, conducting structured interviews to collect information, interpersonal and negotiation skills, and presenting to a variety of audiences
+ Advanced skills to present information to stakeholders and/or decision makers in an effective and professional deliverable
+ Experience in the following tools; IBM QRadar SIEM, McAfee ePO, Check Point Next Generation Appliances, McAfee IPS, Damballa Failsafe, Rapid 7/Qualys Vulnerability Management, Wireshark, Riverbed Cascade, Encase, and coding languages such as Perl or Python
_Education/Certifications_
+ Bachelor’s degree in management information systems, computer science, or related discipline is required.
+ Postgraduate degrees and certificate programs in relevant areas that demonstrate analytical technical backgrounds will also be considered.
+ SANS GSEC certified/qualified
+ SANS GCIH or GCFA, SANS GCIA, and EnCER certification(s) are preferred but not required.
Compliance Obligations:
It is the responsibility of every Iron Mountain employee:
+ to comply with all applicable laws, rules, regulations, and company policies
+ to exhibit ethical behavior in accordance with our Code of Ethics and Business Conduct
+ to complete required training within the allotted time frame
**Options:**
Apply for this job online Apply
Iron Mountain is an equal opportunity employer, and does not unlawfully discriminate on the basis of race, color, religion, sex, national origin, marital status, age, sexual orientation, gender identity characteristics or expression, disability, medical condition, U.S. Military or veteran status or other legally protected classifications in making employment decisions.
**Requisition #** _2017-14284_
**Job Location(s)** _US_ _-_ _PA_ _-_ _Boyers_
_US_ _-_ _PA_ _-_ _Boyers_
_US_ _-_ _MA_ _-_ _Boston_
**Category** _Security_
**Type** _Full-Time_
**Work From Home (Virtual)** _Yes_