28 Nov 2021

Full-Time Senior Cyber Security Incident Responder – Associate Director

MyNiceJob – Posted by mynicejob Tampa or Dallas, TX

Job Description

Position has changed. See the link below.

Cyber-Incident Response Subject Matter Expert (freelance)

Similar Positions:

Principal Security Architect

Principal Network Security Architect

Associate Director of IT Security Engineering

The Cyber Blue Team is primarily responsible for the preparation, detection and analysis, containment, eradication, recovery, and post-incident activity related to cyber-incidents. Cyber Incident Response combines a series of technical and non-technical components to establish the recommended cyber-incident detection, response, coordination, and resolution actions.

The Sr. Cyber Security Incident Responder will perform cyber-incident detection and analysis activities through the monitoring of security appliances, such as SIEM, IDS/IPS, EDR, and Network Threat Detection, conducting in-depth analysis of cyber alerts to confirm a compromise has occurred. This position will work closely with IT in developing response processes and playbooks and crafting and executing corresponding tabletop exercises.

Your Responsibilities

  • Build and execute playbooks to strengthen response activities from events or incidents
  • Collaborate with IT on cyber incident response strategies, roles and responsibilities
  • Design and lead tabletop exercises focused on responses to cyber events or incidents
  • Provide hands-on incident response training for IT and other members of the Cyber Blue Team
  • Lead security investigations and computer forensic analysis
  • Develop incident reports to include root-cause analysis, incident impact, and remediation tracking
  • Utilize detective controls to develop rules and alerts to drive security monitoring capabilities
  • Build and implement standard operating procedures and processes to help streamline investigations, daily monitoring and analysis research to ensure all analysts are effective and following the same guidelines
  • Proactively conduct research of network traffic and system activity looking for security anomalies and suspicious activities
  • Analyze available data sources to identify trends and make recommendations to improve network, system and data security monitoring
  • Perform Advanced Persistent Threat correlation between multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS, and Cyber Threat Intelligence
  • Conduct static and/or multifaceted analysis of malware to harvest indicators of compromise to improve security monitoring

Leadership Competencies for this level include:

  • Accountability: Demonstrates reliability by taking vital actions to continuously meet required deadlines and goals.
  • Global Collaboration: Applies global perspective when working within a team by being aware of own style and ensuring all relevant parties are involved in key team tasks and decisions.
  • Communication: Articulates information clearly and presents information optimally and expertly when working with others.
  • Influencing: Convinces others by making a strong case, bringing others along to their viewpoint; maintains strong, positive relationships while at the same time is comfortable with results-oriented ideas.
  • Innovation and Creativity: Thinks aggressively and out of the box, generates new insights and processes, and expertly pursues challenges as new avenues of opportunity.

Qualifications

  • Demonstrable understanding of various security methodologies and processes, and technical security solutions (e.g. firewalls, proxies, and intrusion detection systems)
  • Extensive knowledge of network and server security products, technologies, and protocols, including TCP/IP, UDP, DHCP, FTP, SFTP, ATM, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP and HTTPS
  • Intelligence driven defense utilizing the MITRE ATT&CK Framework.
  • Security certification(s) and/or official training, such as GCIH, CSIH, ECSA, CHFI, ECIH, CEH or similar, or degree


Job Categories: Cyber Security. Job Types: Full-Time.
