Our client has an immediate need for a Cyber Security Incident Response Team Lead, who will be responsible for ensuring effective detection and response to all security incidents
5+ years of industry experience
Experience in IT in the Information Security area
Experienced ability to lead technical teams and strategic projects
Experience with development of incident response, operations processes, and playbooks
Experience understanding common security tools, instrumentation, and detection methodologies – EDR, SIEM, IDS/IPS, proxies, etc.
Experience understanding core networking concepts (TCP/IP, etc.) and common protocols (HTTP, SMB, etc.)
Experience understanding of tools and techniques used by hackers to breach networks, server systems, cloud workloads, or applications
Experience understanding of security-related technologies and practices including authentication and authorization systems, endpoint protection, encryption, segmentation strategies, vulnerability management, network, and Host Incident Detection and Prevention, Data Loss Prevention, Data Security, risk-based and strong authentication, cloud access security, secure remote access, firewalls, Application Security, etc.
Diverse technical background and exposure to enterprise networking, firewall, storage options, server infrastructure, operating systems, application development, database technologies, desktop operating systems and Cybersecurity
Experience to deliver on SLA/OLA commitments under tight deadlines and/or budgetary and other resource constraints
Experience working in transmission and distribution operations services industry or other highly regulated and/or compliance-oriented environments
Experience and exposure to security standards NIST Cyber Security Framework, NIST SP800-61 R2, and ISO/IEC 27035
Team leadership is a plus
3 + years of experience in leading Cybersecurity Operations, threat hunt, incident response, digital and/or network forensics, threat, and vulnerability management functions is a plus
Cybersecurity certification such as CISSP, CISM, GCFE, GCIH, 3CCE, EnCE, OR digital forensics/incident response certification is a plus
Leading and serving as a mentor for internal Threat Hunting, Incident Response, and Forensics, actively improving our capabilities
Partnering with Cyber Security Operations and Engineering groups to improve operations, detection, response, and recovery
Driving end-to-end Cybersecurity incident response activities, serving as an escalation point for high-priority or complex incidents
Driving continuous refinement and improvement of incident response processes, playbooks, and Standard Operating Processes (SOPs)
Growing and maturing Threat Intelligence Program and applicability of detected threats to drive actionable intelligence
Identifying gaps in visibility and detection methodologies. Regularly evaluate current log quality and content development strategies, identify new data sources to enrich logs and new threat detection logic
Providing incident metrics to other Cybersecurity and business leadership
Building and maintaining relationships with IT and business stakeholders
Building and maintaining relationships with local law enforcement and cyber defense authorities
Building and maintaining relationships with key vendors
Participating in internal and/or external audits as required
Assisting in developing and enhancing Cybersecurity strategy and roadmap
Collaborating with Cybersecurity and IT Risk Management peers to improve automated correlation, vulnerability scanning, code review/applications testing, and other detection security tools
Managing security tools and associated professional service contracts and delivering capabilities
Partnering with Infrastructure and Security leadership teams to develop use cases for security automation and response, logging, monitoring, and threat defense
Contributing to the execution of Cyber Security operations, incident response, and investigations spanning across all functions of the Cybersecurity organization
How to Apply:
To submit your application, please click the “Apply Now” button located at the top and bottom of the page.
ConsultUSA is committed to providing equal employment opportunities (EEO) to all qualified employees and applicants for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, age, disability, genetic information, marital status, pregnancy, ancestry, or status as a covered veteran as well as any other prohibited criteria under any applicable federal, state, and local laws applicable to ConsultUSA.
About ConsultUSA and PMCentersUSA Solutions Provider
Founded in 1997, ConsultUSA specializes in Project Management and Business Analysis focused IT positions within various industries. We also offer challenging technical engagements in Application Development, Data Warehouse/BI, QA, & Network Engineering. We are partnered with solutions company PMCentersUSA, a world-class consulting/training organization distinguished as a PMI® award winner and federal GSA-approved supplier. Together, we offer remarkable career choices for talented individuals to assist our many clients with their IT project-based needs, strategic business projects, and organizational improvement initiatives. For salaried employees, we offer a range of outstanding benefits, including; Healthcare Insurance (medical, dental & vision), 401K Savings Plan with Employer Matching, Short- and Long-Term Disability, Life Insurance, Paid Holidays, Paid Time Off, and Industry Certification cost reimbursement. Once you’re on board, a dedicated Account Manager will work with you to identify specific goals to help you advance in your career and provide you with cost-free enrollment in our professional development courses provided by our partner, PMCentersUSA.