Digital Forensics and Incident Response Analyst

As the global leader in high-speed connectivity, Ciena is committed to a people-first approach. Our teams enjoy a culture focused on prioritizing a flexible work environment that empowers individual growth, well-being, and belonging. We’re a technology company that leads with our humanity—driving our business priorities alongside meaningful social, community, and societal impact.

The Security Organization

The Security team at Ciena is a tightly knit group of skilled professionals who share the same passion for defending against cyber criminals. With the increase in volume and sophistication of cyber-crime, we are growing and have tons of exciting work planned.

Key Responsibilities

• Incident Response Leadership Lead the detection, containment, eradication, and recovery phases of cybersecurity incidents in collaboration with the SOC and other teams.Coordinate and facilitate the Extended Security Incident Response Team (ESIRT) during high-severity incidents.Develop and maintain incident response playbooks, procedures, and workflows to improve readiness and efficiency.
• Digital Forensic Analysis Perform host forensic analysis on Windows based systems.Conduct network forensics by leveraging disparate log sources to include firewall logs, NetFlow, full packet capture, and various intrusion detection / prevention logs.Leverage available tooling to contain and eradicate a threat actor's presence from the network when responding to live intrusion events.Understand the capabilities of malicious binaries and scripts through usage of sandbox environments and static analysis.
• Tabletop Exercises (TTXs) Design, develop, and lead regular Tabletop Exercises (TTXs) to test and enhance the organization’s incident response capabilities.Evaluate the performance of participants during TTXs and provide actionable feedback for improvement.Maintain detailed records and reports of TTX outcomes to guide future training and preparedness.
• Proactive Threat Hunting Conduct regular proactive threat-hunting activities to identify potential risks, vulnerabilities, and indicators of compromise (IOCs).Utilize advanced tools, techniques, and threat intelligence to uncover malicious activity within the environment.Collaborate with the SOC to refine detection mechanisms and improve response capabilities based on threat-hunting findings.
• Collaboration and Communication Work closely with the SOC, Security Architecture, IT, and other teams to enhance incident response and threat-hunting processes.Serve as a liaison between technical teams and executive stakeholders during incidents, providing clear and concise updates.Represent the organization in external threat-sharing communities and partnerships to stay ahead of emerging threats.
• Process Development and Maintenance Continuously improve incident response processes and threat-hunting methodologies.Ensure compliance with relevant regulations, industry standards, and company policies in all incident response activities.Maintain detailed and accurate documentation of incidents, investigations, and lessons learned.

Qualifications

#LI-SM #LI-Remote #LI-Hybrid

Not ready to apply? Join ourto get relevant job alerts straight to your inbox.

At Ciena, we are committed to building and fostering an environment in which our employees feel respected, valued, and heard. Ciena values the diversity of its workforce and respects its employees as individuals. We do not tolerate any form of discrimination.

Ciena is an Equal Opportunity Employer, including disability and protected veteran status.

If contacted in relation to a job opportunity, please advise Ciena of any accommodation measures you may require.