  • Principal Incident Responder (CSIRT)

    Medtronic, Inc.

    You are a dynamic, experienced Cyber Security Incident Response professional interested in defeating advanced adversaries. We are the world's largest Medical Technology company. Seems fun, right? It is!!!

Description

Participate in the detection, response and remediation of information security incidents as part of Medtronic’s CSIRT (Cyber Security Incident Response Team). Lead investigations for advanced, targeted attacks on Medtronic. Assist Command Center, SOC and CSIRT personnel as a resource for forensics, malware reverse engineering, and more. Frequently collaborate with external entities including industry partners, peer organizations, and law enforcement.


Responsibilities

  • Act as technical lead in the full Incident Response Lifecycle. Perform investigations on information security and cyber incidents, including determining root cause and participating in lessons learned.
  • Assist the Security Operations Center and Command Center staff by taking escalations for investigations and acting as a resource for triage techniques. Identify and recommend process improvements for monitoring and detection.
  • Develop custom detections and mitigations for advanced and persistent attacks.
  • Develop malware reverse engineering skills to determine malicious code intent and capabilities.
  • Maintain a strong code of confidentiality based on the sensitivity of the work being performed.
  • Recommends and occasionally participates in implementation of security remediation in the course of responding to a specific security incident, or to proactively prevent security incidents.
  • Conducts research and intelligence gathering on advanced threat actors known to be targeting the organization and/or healthcare industry.
  • Provides technical solutions to a wide range of difficult problems. Solutions are imaginative, thorough, and practicable, and consistent with organization objectives.
  • Complete malware analysis on collected samples to gain a better understanding of attacker tools, techniques, and procedures.
  • Analyzes complex issues and significantly improves, changes, or adapts existing methods.
  • Wide understanding of security-related tools, including advanced threat detection, SIEM technology, internet and web-filtering, and other related tools. General knowledge of other related disciplines including servers, workstations, software, and network-related technology.
  • Act as the subject matter expert for Advanced Malware Detection and Endpoint Detection and Response Platforms.
  • Applies mastery of in-depth knowledge in cyber or information security. Considered an internal expert.
  • Works under general direction. Independently determines and develops approach to solutions.
  • Establishes inter-organizational and outside customer contacts. Represents the organization in providing solutions to difficult technical issues associated with information security incidents.

Details

  • Travel: Up to 25%
  • Incentives: Not provided
  • Clearance & Citizenship: U.S. Citizenship
  • Remote Work: Remote occasional
  • Education: Bachelors Degree
  • Salary Range: Not provided

Company Ratings powered by

  • Overall Rating 3.7 - Satisfied
  • Culture and Values 3.7
  • Work/Life Balance 3.4
  • Senior Management 3.1
  • Comp and Benefits 3.8
  • Career Opportunities 3.4