Listing Description
• Minimum 2-4 years of Enterprise Incident Response and/or Security Operations Centre experience
• Minimum 2-4 years of experience with standard Enterprise-class security stack (Firewall, IDS/IPS, Antivirus, SIEM, Web Proxy, Web Application Firewall)
• Functional knowledge of Cyber Security and Incident Response foundations, theory, terminology (Kill Chain, TTPs, APT, IOCs, etc.)
• >2 years operational experience with Splunk, ELK/Elastic, or similar log aggregation and log analysis platforms
• Completion of relevant Security or Technical certifications including CCNA, GCIH, GREM, GCFA, GCFE, OSCP is preferred.
• Demonstrated experience with Cyber Incident Management programs
• Bachelor's degree or College Diploma in Computer Science, Information Security or other related fields
Lead and coordinate the investigation effort for cyber security incidents from initial escalation through after-action reporting
Conduct live response analysis, network analysis, log analysis, and malware triage in support of incident response investigation
Effectively communicate investigative progress, findings, opportunities and challenges to Incident Management team
Manage intake of incidents and reports from internal customers through the internal ticketing system in a timely and accurate manner.
The ability to identify and triage security incidents such as Malware, Phishing and Web Attacks is required.
Serve as Subject Matter Expert for cyber security incidents in meetings with internal and external teams
Provide leadership, knowledge transfer and mentoring of junior Security Specialists as part of normal IT and business activities.
Listing Details
- Salary: $110000 - $130000
- Citizenship: US Citizen
- Incentives: Bonus
- Education: No Requirements
- Travel: No Travel
- Telework: Optional Telecommute