Our client has an immediate need for a Cyber Security Incident Response Team Lead who will be responsible for ensuring effective detection of and response to all security incidents.
Requirements:
Bachelor’s degree
5+ years of industry experience
Experience in IT in the Information Security area
Experienced ability to lead technical teams and strategic projects
Experience with development of incident response, operations processes, and playbooks
Experience understanding common security tools, instrumentation, and detection methodologies – EDR, SIEM, IDS/IPS, proxies, etc.
Experience understanding core networking concepts (TCP/IP, etc.) and common protocols (HTTP, SMB, etc.)
Experience understanding tools and techniques used by hackers to breach networks, server systems, cloud workloads, or applications
Experience understanding security-related technologies and practices including authentication and authorization systems, endpoint protection, encryption, segmentation strategies, vulnerability management, network, and Host Incident Detection and Prevention, Data Loss Prevention, Data Security, risk-based and strong authentication, cloud access security, secure remote access, firewalls, Application Security, etc.
Diverse technical background and exposure to enterprise networking, firewall, storage options, server infrastructure, operating systems, application development, database technologies, desktop operating systems and Cybersecurity
Experience delivering on SLA/OLA commitments under tight deadlines and/or budgetary and other resource constraints
Experience working in transmission and distribution operations services industry or other highly regulated and/or compliance-oriented environments
Experience and exposure to security standards NIST Cyber Security Framework, NIST SP800-61 R2, and ISO/IEC 27035
Team leadership is a plus
3+ years of experience leading Cybersecurity Operations, threat hunt, incident response, digital and/or network forensics, and threat and vulnerability management functions is a plus
Cybersecurity certification such as CISSP, CISM, GCFE, GCIH, 3CCE, EnCE, or digital forensics/incident response certification is a plus
Responsibilities:
Leading and serving as a mentor for internal Threat Hunting, Incident Response, and Forensics, actively improving our capabilities
Partnering with Cyber Security Operations and Engineering groups to improve operations, detection, response, and recovery
Driving end-to-end Cybersecurity incident response activities, serving as an escalation point for high-priority or complex incidents
Driving continuous refinement and improvement of incident response processes, playbooks, and Standard Operating Processes (SOPs)
Growing and maturing Threat Intelligence Program and applicability of detected threats to drive actionable intelligence
Identifying gaps in visibility and detection methodologies; regularly evaluating current log quality and content development strategies, and identifying new data sources to enrich logs and new threat detection logic
Providing incident metrics to other Cybersecurity and business leadership
Building and maintaining relationships with IT and business stakeholders
Building and maintaining relationships with local law enforcement and cyber defense authorities
Building and maintaining relationships with key vendors
Participating in internal and/or external audits as required
Assisting in developing and enhancing Cybersecurity strategy and roadmap
Collaborating with Cybersecurity and IT Risk Management peers to improve automated correlation, vulnerability scanning, code review/applications testing, and other detection security tools
Managing security tools and associated professional service contracts and delivering capabilities
Partnering with Infrastructure and Security leadership teams to develop use cases for security automation and response, logging, monitoring, and threat defense
Contributing to the execution of Cyber Security operations, incident response, and investigations spanning across all functions of the Cybersecurity organization
How to Apply:
To submit your application, please click the “Apply Now” button located at the top and bottom of the page.
ConsultUSA is committed to providing equal employment opportunities (EEO) to all qualified employees and applicants for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, age, disability, genetic information, marital status, pregnancy, ancestry, or status as a covered veteran as well as any other prohibited criteria under any applicable federal, state, and local laws applicable to ConsultUSA.
For a complete listing of all ConsultUSA jobs please visit www.consultusa.com
About ConsultUSA and PMCentersUSA Solutions Provider
Founded in 1997, ConsultUSA specializes in Project Management and Business Analysis focused IT positions within various industries. We also offer challenging technical engagements in Application Development, Data Warehouse/BI, QA, & Network Engineering. We are partnered with solutions company PMCentersUSA, a world-class consulting/training organization distinguished as a PMI® award winner and federal GSA-approved supplier. Together, we offer remarkable career choices for talented individuals to assist our many clients with their IT project-based needs, strategic business projects, and organizational improvement initiatives. For salaried employees, we offer a range of outstanding benefits, including: Healthcare Insurance (medical, dental & vision), 401K Savings Plan with Employer Matching, Short- and Long-Term Disability, Life Insurance, Paid Holidays, Paid Time Off, and Industry Certification cost reimbursement. Once you’re on board, a dedicated Account Manager will work with you to identify specific goals to help you advance in your career and provide you with cost-free enrollment in our professional development courses provided by our partner, PMCentersUSA.