This job is no longer active - but you can still view the details below.

Incident Response Analyst

Greater LA Area

It's fun to work in a company where people truly BELIEVE in what they're doing!

 

We're committed to bringing passion and customer focus to the business.

About iHerb

iHerb is one of the leading global e-commerce retailers with its emphasis on Nutritional and Wellness products. Our mission is simple…providing the best overall value for natural products through "e-simplicity." Our values can be best defined as an environment in constant and continuous pursuit to conscientiously meet the needs of our customers, business partners, and team members while doing our part to safeguard the environment. 

 

Job Summary: The Incident Response Analyst uses various security tooling to investigate and respond to security incidents. The IR Analyst is a subject matter expert in Incident Management and Response. The IR Analyst interacts with other teams to enable escalation and remediation, as needed. Using various Threat Intelligence sources, as well as security tools, the IR Analyst can effectively prioritize and eradicate any active threat and vulnerability. The Incident Response Analyst documents policies and processes related to Incident Management, and keeps them current. The IR Analyst keeps track of activities and progress on incident tickets.
 
Job Expectations: 

  • The main focus for the position is Incident Response, but a strong knowledge of various security tooling, systems in the cloud, on-prem systems and networking is required, at least on a conceptual level.
  • Coordinates and assists in the review, monitoring and/or auditing of applicable daily Security Log Activity and Events. Takes action as necessary; escalates to senior staff if required. Logs could include, but are not limited to, the following:
    • Vulnerability Scans – Kubernetes/Containers
    • Vulnerability Scans – Database
    • Vulnerability Scans – PCI ASV
    • Active Directory Changes
    • User Activity
    • Netflow Analytics
    • Firewall and ACL Changes
    • SIEM
    • DAST Scan Results (e.g. Acunetix, Burp Suite, Nessus, etc.)
    • Group Policy Changes
    • Cloud security tooling
  • Where needed, update or create documentation for the overall Incident Management Program, use of security tools, such as SOPs, architecture documentation, ...
  • Support our compliance programs (such as PCI) by helping implement and document controls and examining evidence for compliance with standards.
  • You have experience with Blue Team exercises. (Red Team / Purple Team is a plus)
  • Knowledge of Forensics is a plus.

 

Knowledge, Skills and Abilities:

Required:

  • Possess an understanding of PCI Compliance and EU GDPR Requirements
  • Strong knowledge of multiple security tools for both Cloud and On-Prem scenarios.
  • Good knowledge of AWS (Amazon Web Services), GCP (Google Cloud Platform), Azure, or other cloud platforms and related technologies is strongly desired. 
  • Strong knowledge of SIEM, such as Splunk, and related tooling and automation.
  • Provide support for strategic business process/reengineering consulting as appropriate and work on multiple technically complex high profile projects. 
  • Demonstrate an understanding of key IT operational policies, processes and methodologies applicable to governance, risk management and compliance. 
  • Demonstrable experience with integration in Splunk or other SIEMs for various security tools.
  • General understanding of security fundamentals (cryptography, least privilege, segregation of duties,…) and general security technologies, including operating systems, network security (firewalls, VPNs, etc.), security event management, business continuity, physical security, identity management, directory services, etc. 
  • Knowledge of Active Directory, DDNS, Group Policy (GPO), Microsoft Windows Server and Desktop operating systems, Linux, ...
  • Strong work ethic, including consistent documentation and tracking of activities.
  • Ability to work in a fast-paced, rapidly changing environment and a strong desire to learn.
  • You are a self-starter, and require only minimal guidance to get results.
  • This position may require on-call activities at off-hours.

 
Experience Requirements:

  • 3-5 years’ experience in information systems as a system administrator or engineer, cloud administrator, network administrator or security engineer, with at least two of those involving direct incident response / incident management duties
  • Experience with cloud, systems, and network security
  • Experience with containers (Docker, Kubernetes, …) strongly desired
  • Experience with various tooling in the Information Security space
  • Experience working with, and setting up alerts and queries in Splunk or other SIEM tools
  • Knowledge of IT/Information Security Audit and assessment. 
  • Knowledge of PCI DSS and EU GDPR
  • Knowledge of researching, analyzing and recommending information security solutions
  • A working knowledge of information security practices and concepts including intrusion detection/ prevention, access controls, risk analysis, vulnerability scanning, and data encryption.
  • Strong organizational, excellent written, verbal and interpersonal communication skills are needed to work effectively with a wide variety of staff, outside consultants and vendors.

 

Education Requirements:

  • Bachelor’s Degree in Information Technology, Information Security, Computer Science, or related field required.
  • Advanced industry certification strongly desired, e.g. SANS GIAC, CompTIA Security+, CISSP, CISM, GIAC Certified Incident Handler (GCIH)

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • Languages: .NET, C#, JavaScript, SQL
    • Libraries: jQuery, jQuery UI, React, Redux, Twitter Bootstrap
    • Frameworks: AngularJS, ASP.NET, Hadoop, Node.js, Spark
    • Databases: Cassandra, MariaDB, Microsoft SQL Server, MongoDB, Redis
    • Analytics: Google Analytics, Optimizely
    • Design: Balsamiq, Illustrator, InVision, Photoshop, Sketch, UXPin
    • Management: Asana, Confluence, JIRA, Microsoft Project, Smartsheet
    • CRM: Zendesk, Iterable
    • Email: Iterable
    • Lead Gen: Google Analytics, Google Data Studio, Tableau

Location

Pasadena is known for its charm and sophistication, with the best nightlife, restaurants and bars this side of L.A.! - Technology roles in Irvine, CA

An Insider's view of iHerb LLC.

What's something quirky about your company?

“Everyone is really different, nice and cool to be around. People are comfortable to be themselves, which is not common.”

Christopher

Junior Software Developer I

What's the biggest problem your team is solving?

“Most of the challenges stem from the extreme growth of the company in addition to keeping up with the technological advances in the market. We migrate and change quickly to adapt, which is the fun part because we are continuously learning.”

Alina

Senior Software Developer I

How does the company support your career growth?

"Everyone here is so brilliant. The teams are open and receptive to questions and work with you by providing constructive feedback, in addition to the camaraderie that supports consistent learning and development."

Kristine

Junior Software Developer I

How do you empower your team to be more creative?

“More so than empowering individuals, you have to hire the right people, trust them and let them do what they are good at.”

Alireza

Director of Software Development & Platform

What's the biggest problem your team is solving?

"The problem my team is currently solving is how to integrate robots into the warehouse. iHerb recently brought on a new team of engineers to design the robots and my team will be interfacing with them. This will involve a range of sub-problems from path finding for robot navigation to dynamic location management."

Ian

Software Developer II

What are iHerb LLC. Perks + Benefits

iHerb LLC. Benefits Overview

Perks include snack and beverage stations, on-site gyms, video arcade rooms, a sand volleyball court, team happy hours and networking events, etc. iHerb is dedicated to providing comprehensive medical, dental and vision plans by contributing 75% or more of the associated monthly costs, regardless of one's level of coverage.

Culture
Volunteer in local community
iHerb is committed to helping great causes here at home and around the world. We partner with organizations like the Boys and Girls Club, Susan G Komen, Ronald McDonald House, Exceed, etc.
Partners with Nonprofits
Worldwide, we’ve donated over $5 million. iHerb facilitates two schools in Cambodia in addition to supporting the Cambodian Children's Fund and New Hope Cambodia in support of children's education.
Friends outside of work
Eat lunch together
Intracompany committees
iHerb's iFit and iFocus teams are dedicated to organizing company events in addition to creating wellness programs and initiatives. The overall health and wellness of our team members is a priority!
Daily stand up
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
iHerb Team Members can contribute up to $2700 annually to their FSA.
Disability Insurance
iHerb provides both short and long term disability coverage for its Team Members.
Dental Benefits
iHerb provides both a DHMO and PPO through Cigna Dental.
Vision Benefits
Health Insurance Benefits
iHerb contributes 75% or more to the monthly costs associated with health plans ranging from Blue Shield's HMO, HMO+, PPO and HDHP.
Life Insurance
iHerb provides all full-time Team Members with a 100% company-paid $50,000.00 life/AD&D policy. In addition, Team Members have the option to elect additional life/AD&D coverage plans.
Pet Insurance
Wellness Programs
Onsite Gym
Team workouts
Retirement & Stock Options Benefits
401(K)
401(K) Matching
iHerb contributes a 100% match up to 4% of the Team Member's election. This is a "Safe Harbor" plan with no vesting period, so the money that iHerb contributes is yours from day one.
Company Equity
iHerb provides a generous Profit Sharing and Phantom Unit Plan that provides equity to employees based on a minimal vesting period.
Performance Bonus
iHerb's annual discretionary bonus program is generous, to say the least! Bonus plans are aligned with the individual and overall success of the company and Team Member.
Child Care & Parental Leave Benefits
Child Care Benefits
Generous Parental Leave
Family Medical Leave
Vacation & Time Off Benefits
Generous PTO
Acme Co. employees receive between 15 and 20 days per year of paid time off based on years of service.
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Game Room
Stocked Kitchen
Happy Hours
Happy hours are hosted on occasion.
Relocation Assistance
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Our tuition reimbursement plan offers an annual max of $5250 with a maximum total match of $5250.
Lunch and learns
Cross functional training encouraged
Promote from within
Continuing Education stipend