Incident Response Analyst
Redwood City, California 94065, United States
7 days ago
We’re EA—the world’s largest video game publisher. You’re probably familiar with many of our titles—The Sims, Apex Legends, Star Wars Battlefront II, Madden, FIFA, Need for Speed, to name a few. But maybe you don’t know the kind of challenges that you, as a security professional, would be exposed to in a game company - security challenges that are unique to our world. What does that mean for you? It means more opportunities to unleash your creative genius, be inspired by those around you and ignite your path in any direction you choose.
This is a junior- or mid-level, hands-on, technical security role within the Global Security Incident Response team (GSIRT) that will eventually be positioned to play a pivotal role in securing EA. This role focuses on tracking security incidents across EA and coordinating and managing remediation efforts while maintaining strong relations with all lines of business across the enterprise.
The IR Analyst will partner with other security professionals within EA Security, as well as with Information Technology, Game Studios, Legal, the EA Digital Platform organization, and other business units, to gather incident details, assess impact, and coordinate response. The person in this role will be responsible for executing all aspects of incident response, including attack analysis, incident documentation, threat hunting and developing detections for identified gaps. The IR Analyst will also be responsible for monitoring the performance of incident response, ensuring compliance with existing laws and regulations, and aligning with emerging threats and incident trends. Additionally, the IR Analyst will be responsible for coordinating the ongoing enhancements to the IR process, which will align with GSIRT’s strategic initiatives.
- Provide follow-the-sun coverage in conjunction with other IR Analysts and members of the EA Security Team to respond to security incidents.
- Perform forensics analysis to support incident response (host and network based).
- Create new detections to fill gaps in visibility and ability to respond effectively to incidents.
- Work with other security team members to conduct root cause analysis to identify gaps and recommendations that will ultimately remediate risks to EA.
- Ensure that all incidents are recorded and tracked to meet audit and legal requirements.
- Assist with the collection of evidence and with investigations involving network forensics, computer intrusion, theft of information, denial of service and multi-national organized crime.
Skills, Knowledge, and Abilities
- Strong problem-solving abilities to learn new analysis techniques.
- Excellent analytical, organizational, and communication skills.
- A successful track record in school and work experience in technology and information security (e.g. through related internship work experience).
- Strong initiative and willingness to learn new technical skills and tools, countermeasures, and techniques.
- Solid understanding of TCP/IP fundamentals, network protocols, system administration and network architectures.
- Experience with scripting or development, e.g. Perl, VBScript, Python, etc.
- Exposure to Unix/Linux environments.
- Ability to multi-task and prioritize in a fast-paced, high volume environment.
- Ability to work independently and in a cross-functional team.
- Must be willing to travel to other EA locations as necessary to support security incidents.
- Knowledge of information security concepts.
- Understanding of attack vectors, current threats, and security remediation strategies.