Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.
Job Description
DivIHN (pronounced "divine") is a CMMI ML3-certified Technology and Talent solutions firm. Driven by a unique Purpose, Culture, and Value Delivery Model, we enable meaningful connections between talented professionals and forward-thinking organizations. Since our formation in 2002, organizations across commercial and public sectors have been trusting us to help build their teams with exceptional temporary and permanent talent. Visit us at to learn more and view our open positions. Please apply or call one of us to learn more For further inquiries regarding the following opportunity, please contact our Talent Specialist, Ragu at
Title:
Cybersecurity Incident Responder•
Hybrid Location:
St.
Paul, MN Duration:
12
Months Schedule:
8:00 AM•5:00 PM (Hybrid•4 Days Onsite) Only W2 candidates are eligible for this position. Third-party or C2C candidates will not be considered
Job Description:
We are seeking a Cybersecurity Incident Responder with strong experience in SOC operations analyst and incident response. The ideal candidate will collaborate with multiple IT teams, communicate effectively with stakeholders at all levels, and maintain accurate incident documentation. Primary Job Function Responsible for investigating, analyzing, and responding to security incidents across the organization s environment. Leads or executes complex incident response activities, adapts standard procedures to evolving threats. Plays a critical role in protecting the organization s technology assets by identifying, analyzing, and responding to cybersecurity threats that may result in unauthorized access, misuse, or disruption of services. Core Job Responsibilities Monitor security alerts and events from various tools (SIEM, EDR, IDS/IPS, etc.) to identify potential incidents. Perform triage, correlation, and in-depth analysis of security events, including indicators of compromise (IOCs), malware activity, phishing attempts, and suspicious network behavior. Conduct forensic analysis on systems, networks, and endpoints to determine root cause and scope of incidents. Develop and implement response strategies to mitigate immediate threats and prevent recurrence. Support the implementation, tuning, and monitoring of security tools such as SIEM, EDR, firewalls, and intrusion detection systems. Ensure security controls are effectively detecting and preventing malicious activity. Validate and enhance alerting mechanisms to reduce false positives and improve detection accuracy. Document incidents thoroughly, including timelines, impact assessments, and remediation actions. Required Skills Experience working in a SOC (Security Operations Center) environment.
Hands-on expertise with:
Splunk SentinelOne XSOAR or Proofpoint Strong communication and documentation skills. Ability to collaborate with cross-functional IT teams. Preferred Skills Threat hunting experience (plus). Scripting knowledge (Plus). Experience supporting Medical or Pharmaceutical environments (preferred, not required). Ability to communicate effectively with employees across all organizational levels. Position Accountability & Scope Accountable for timely detection, analysis, and response to cybersecurity incidents to minimize organizational risk and business disruption. Works under moderate supervision but exercises independent judgment when handling incidents and escalating issues. Responsible for maintaining the confidentiality, integrity, and availability of organizational systems and data. Collaborates cross-functionally with IT, network, security engineering, and business teams during incident response activities. Contributes to continuous improvement of incident response processes, playbooks, and detection capabilities. Ensures compliance with internal security policies, standards, and regulatory requirements. Minimum Experience/Training 3 years of technical experience in a Security Operations Center (SOC), incident response, or cybersecurity-related role. Demonstrated experience with security monitoring and investigation tools (e.g., SIEM such as Splunk, EDR platforms, email security tools). Strong understanding of network protocols, operating systems, enterprise security controls and frameworks such as
MITRE ATT&CK.
Minimum Education Bachelor's degree in Information Technology or similar area; or equivalent work experience. Interview Process Round 1: Virtual Interview Round 2: In-Person Interview at Client Location About us: DivIHN , the ''IT Asset Performance Services'' organization, provides Professional Consulting, Custom Projects, and Professional Resource Augmentation services to clients in the Mid-West and beyond. The strategic characteristics of the organization are Standardization, Specialization, and Collaboration. DivIHN is an equal opportunity employer. DivIHN does not and shall not discriminate against any employee or qualified applicant on the basis of race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation, or military status.
