
Job

Team Lead - Incident Response (CSIRT)

  • Location:

    Charlotte, NC, USA

  • Sector:

    Technology, Cyber Security

  • Job type:

    Permanent

  • Salary:

    140k

  • Contact:

    Ross Gisondi

  • Contact email:

    r.gisondi@hamlynwilliams.com

  • Salary high:

    0

  • Salary low:

    0

  • Job ref:

    CSOC

  • Published:

    5 months ago

  • Expiry date:

    2019-05-03

Responsibilities

  • Conduct breach response investigations and analysis, and perform root cause analysis
  • Serve as the lead escalation point for the CSIRT team
  • Mentor more junior analysts
  • Support the SIEM and Content Engineers to develop rules
  • Review security incident reports and gather evidence for documentation
  • Develop and create Security Ops process, policy and procedure
  • Define and assist in creation of operational and executive reports
  • Enhance the capabilities in the SOC by defining new tool utilization requirements

 

Qualifications

  • Over ten years of IT experience combined with Information Security experience
  • Extensive experience working in a SOC or performing Incident Response
  • Must possess excellent leadership qualities and serve as the lead escalation point
  • Experience utilizing Splunk for security event analysis
  • Excellent understanding of network protocols
  • Ability to understand malware and detection techniques
  • Experience with Network and Host Forensics
  • Excellent knowledge of Intrusion Detection/Prevention systems
  • Experience working in Linux, Unix, or Windows operating systems
  • Excellent knowledge of pcap analysis (Wireshark)