Cyber Incident Response Analyst - Location Open

Los Angeles, California
02 Sep 2016
26 Oct 2016
Contract Type: Full Time
The Company

With 2015 revenues of approximately $12.1 billion and net income of $302 million, Jacobs Engineering Group Inc. (Jacobs) is one of the largest publicly traded (NYSE: JEC) and diverse providers of professional technical services in the world. Founded in 1947, the company has a market capitalization of $4.35 billion and over 63,000 employees worldwide.

The company's service portfolio consists of a comprehensive range of business solutions related to engineering, architecture, construction, operations and maintenance and scientific and specialty consulting.

Position Summary

*** This position can be located at any Jacobs office ***

The Cyber Incident Response Analyst reports to the IT Manager, Information Security, and provides Incident Response and Threat Management support for information security incidents internally at Jacobs.

Primary Responsibilities:

Incident Response
  • Perform system and network analysis of suspected or potential security incidents
  • Provide evidentiary requirements such as executing forensic techniques and gathering results on any computing assets, such as mobile devices, to support any investigation, inquiry, or litigation
  • Evaluate target systems to analyze results of scans, identify resolutions, make recommendations, and continuously monitor requirements
  • Provide guidance to first responders for handling information security incidents
  • Coordinate efforts among multiple business units during response
  • Provide timely and relevant updates to appropriate stakeholders and decision makers
  • Provide investigation findings to relevant business units to help improve information security posture
  • Validate and maintain incident response plan and processes to address potential threats
  • Compile and analyze data for management reporting and metrics

Threat Management

  • Monitor information security related Web sites (US-CERT, SANS Internet Storm Center, etc.) and mailing lists (DHS Infrastructure, BugTraq, etc.) to stay up to date on current attacks and trends
  • Participate in industry task forces and working groups (Financial Services Information Sharing and Analysis Center (FS-ISAC), FBI InfraGard, Anti-Phishing Working Group, etc.) where appropriate to understand current and future threats
  • Analyze potential impact of new threats and exploits and communicate risks to relevant business units.


  • Four or more years of technical experience in the information security field, preferably in the AEC (Architecture, Engineering or Construction) industry
  • Four or more years of practical experience in an incident response role
  • Demonstrated knowledge of systems configuration and management of firewalls, IDS, servers and workstations
  • Ability to correlate incident data to identify specific vulnerabilities and make recommendations that enable remediation
  • Knowledge of incident categories, incident responses, and timelines for responses
  • Experience collecting data and reporting results; handling and escalating security issues or emergency situations appropriately; providing incident response capabilities to isolate and mitigate threats to maintain confidentiality, integrity, and availability for protected data
  • Demonstrated experience supporting external investigations
  • Good communication and presentation skills
  • Ability to listen, understand and translate client requirements
  • Ability to effectively manage conflict and effect adequate solutions
  • Strategic planning skills, organizational skills, operating skills, and strong leadership
  • Familiarity with software development and network operations concepts and methodologies
  • Advanced knowledge of information systems security concepts and technologies; network architecture; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and computer forensic tools such as EnCase® and open source alternatives
  • Advanced knowledge and experience with the Windows and Linux operating systems
  • Working knowledge of and experience in investigating malicious code
  • Demonstrated ability to apply technical and analytical skills in a security environment
  • Ability to work extremely well under pressure while maintaining a professional image and approach
  • Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause

At Jacobs, we help prepare people for new opportunities and challenges. With positions at every level, openings in multiple disciplines, expertise in a range of markets and offices around the globe, we create an environment where you can learn, grow, and thrive. From our competitive benefits program to our Health and Safety initiative of Beyond Zero workplace injuries, we believe that you'll find a flourishing career here at Jacobs.

Jacobs Engineering Group Inc. is an Equal Opportunity Employer and employment selection decisions are based on merit, qualifications, and abilities. Jacobs does not discriminate in employment opportunities or practices on the basis of: race, color, religion, gender, national origin, age, sexual orientation, gender identity, disability, veteran status or any other characteristic protected by country, regional or local law.