Incident Response Analyst

Job ID
# of Openings
Information Technology


VariQ has an exciting opportunity for a highly qualified Incident Response Analyst to support the Symantec effort in Raleigh, North Carolina.


Additional Information:

  • Salary: Dependent upon experience
  • Security Clearance: None


Incident Response Analyst:

  • Perform incident response activities using  the Symantec Data Loss Prevention (DLP) tools (formerly known as Vontu across network, VPN, e-mail system, at rest storage, file shares, etc.
  • Examine and analyze electronic media to produce a report of findings that is sufficiently detailed and clear to a point it could be used in a legal case when required.
  • Perform detailed analysis of DLP events during the incident process, combining sound analytical skills with advanced knowledge of IT security threats.
  • Participate in knowledge-sharing and write technical articles based on investigative analysis performed for internal knowledge repositories.
  • Conduct ongoing review of existing DLP business rules, make recommendations for enhancements, and build automation processes to facilitate incident response and incident remediation.
  • Assist personnel in identifying data leakage such as but not limited to: Personally Identifiable Information (PII), confidential, or restricted organization communications.
  • Provide recommendations and implement changes to minimize impact to the end-users while providing required DLP protection in the customer environment


  • Direct experience in a Security Operations Center or Network Operations Center as a security analyst or engineer
  • Familiarity with Symantec security tools such as DLP, SEP, CSP or similar tools.
  • Ability to review, recommend and implement changes to Enforce DLP policies to tailor the system to the specific customer requirements
  • Able to interact with customers, team members and product support personnel
  • Experience with interpreting requirements and implementing policies
  • Strong analytical and creative problem solving skills  


Preferred Qualifications:

  • Previous incident handling and threat intelligence experience in a large enterprise
    Direct experience using Symantec DLP v. 12 or 14


Minimum Requirements:

  • 5+  years overall IT experience
  • 2+ years’ experience with installation, configuration, and/or support of  Symantec DLP products such as Symantec Enforce, DLP Prevent, DLP Monitor, DLP Discover, DLP Endpoint Protect Servers and the Endpoint DLP agents, or similar


Bachelors of Science in Computer Science, Systems Engineering, Cybersecurity, Information Technology or related area.


Preferred Certifications:

Any of following SANS certifications: GCIH, GCFE, GCFA,GREM, GPEN, GWAPT, GXPN

Certified Information Systems Security Professional (CISSP)

Symantec Technology Specialist (STS) – Administration of Symantec DLP Ver. 12 or 14



VariQ is an equal opportunity employer.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed