
Job

Incident Response Technical Lead

  • Location

    Unknown

  • Sector:

    Technology

  • Job type:

    Permanent

  • Salary:

    $135,000-$150,000

  • Contact:

    Morgan DeMarino

  • Contact email:

    m.demarino@hamlynwilliams.com

  • Salary high:

    0

  • Salary low:

    0

  • Job ref:

    1102332

  • Published:

    2 months ago

  • Expiry date:

    2020-09-11

  • Startdate:

    ASAP

Responsibilities

  • Act as the primary escalation point for cyber security incidents at ,
    developing response plans and coordinating activity as needed
  • Provide leadership to the Cyber Security Incident Response Team in the implementation
    of the Information Security and Incident Response strategies
  • Coordinate response, triage and escalation of security events affecting the company’s information assets and activities within the Incident Response team
  • Responsible for understanding the threat landscape by working with other Cyber functions such as Threat Detection, Threat Intelligence, Digital Forensics, etc., and for building and executing the required action plan
  • Interpret and summarize technical information for presentation to non-technical business
    contacts
  • Develop, integrate and improve cyber security incident response playbooks and
    documentation for the team
  • Identify capability gaps and assist in developing those capabilities or implementing
    technology as needed
  • Prepare formal reports on incident findings
  • Drive improvements in cyber security incident detection
  • Drive improvements in cyber security incident response automation capabilities


Qualifications:

  • 8+ years of Information Security or related risk management experience
  • Bachelor’s degree in Information Security, Computer Science, Information Technology, related field or equivalent work experience
  • 3-5+ years of hands-on Information Security SOC/Incident Response experience analyzing IOCs/alerts as identified by SOC and Threat Intel teams
  • Demonstrated experience using a SIEM such as Splunk (preferred), ArcSight, QRadar, etc. to investigate security issues and/or complex operational issues on Windows and Unix
  • Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases)