Global Cyber Incident Response Lead

Hallett, OK 74034
  • Job Code
    578404

POSITION SUMMARY:


Individuals within the Information Security Office plan, execute, and manage multi-faceted cyber security projects to detect, prevent and respond to threats that affect the company. Individuals should have the mindset of a defender and be able to operate in a fast-paced environment, working closely with our infrastructure team, which includes the network, firewall, server and application teams.


Individuals develop security procedures such as security breach escalation procedures, incident response plans and exercises, metrics, response playbooks, security assessment procedures, and the use of firewalls and encryption routines; customize threat feeds; work with the security operations center; monitor and analyze threats and vulnerabilities; and deploy solutions to protect network, email and endpoint devices.


These professionals work directly with customers, third parties and other internal departments and organizations to facilitate information security management processes and to identify vulnerable areas. They also communicate and educate IT and the business about security policies and industry standards, and provide solutions for enterprise and business security issues.


LOCATION: Frisco, TX or Chesterbrook, PA 19087 (remote not available)


WORK COMPLEXITY:



  • Oversees the planning, execution, and management of multi-faceted projects related to Cyber command center operations.
  • Plans, builds, develops and matures the security operations function to proactively monitor incidents that happen in the environment, and builds solutions to counter and respond to them
  • Drives innovation to sustain and automate cyber operations by designing solutions together with the cyber engineering team
  • Develops and manages security for multiple IT functional areas (e.g., applications, systems, network and/or Web) across the enterprise.
  • Serves as a subject matter expert (SME) for performing security and threat assessments
  • Develops security solutions for critical and/or highly complex assignments.
  • Leads multiple projects or programs.


PRIMARY DUTIES AND RESPONSIBILITIES:



  • Manages a team of individuals and vendors that supports the security operations center, which is built to protect data across the ABC enterprise
  • Manage a team which provides 24x7 cyber security operations support inclusive of metrics
  • Monitors networks for signs of adversarial activity as a key member of the Cybersecurity Command Center
  • Customizes intelligence feeds to suit the ABC organization
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through thorough reviews and analyses of relevant event intelligence and summary information
  • Detects the full spectrum of known cyber-attacks (e.g., DDoS, malware, phishing, ransomware & others) along with any security and compliance violations
  • Provides Tier III technical expertise on post event security intelligence and trend analysis
  • Guides, matures and works with the security operations team to build a top-of-the-line security command center
  • Responds to alerts from various monitoring systems and platforms to address potentially malicious events in a timely manner
  • Independently leads computer incident investigations, determining the cause of the security incident and preserving evidence for potential legal action
  • Routinely develops and updates incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
  • Provides other services as a key member of the Cybersecurity team:
    • Security review of changes to networks, servers and endpoint devices in collaboration with infrastructure operations
    • Security review of encryption policies, and sensor policies for IDS/IPS, firewalls, web security gateways and logging
    • Investigations and forensics
  • Proposes additional components and techniques that could be used to proactively detect and prevent malicious activity.
  • Manages day-to-day relationship with security and infrastructure services partners
  • Conducts research of emerging security threats.
  • Develops security solutions for critical and/or highly complex assignments.
  • Leads multiple projects or programs.
  • Develops remediation strategies and risk responses associated with the protection of infrastructure and information assets.
  • Mentors less-experienced team members.


Qualifications


EXPERIENCE AND EDUCATIONAL REQUIREMENTS:



  • Bachelor's Degree in Computer Science, Information Systems or other related field, or equivalent work experience.
  • Typically requires 7-8 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and over 4 years' experience designing and deploying cyber security solutions for operations at the enterprise level.
  • Requires security certification(s) (e.g., Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CEH or other equivalent recognized security certifications)


MINIMUM SKILLS, KNOWLEDGE AND ABILITY REQUIREMENTS:



  • Great attitude toward helping, learning and growing; enthusiasm is always welcome
  • Experience applying structured analytical methodologies to threat monitoring and intelligence analysis, e.g. Cyber Kill Chain
  • Experience with Network protocols and packet analysis tools
  • Must know SSL/TLS, HTTP, DNS, SMTP, IPsec, PKI, proxies, TCP/IP, VM, Wireless, VPN
  • Solid understanding of security threats to cloud-based critical infrastructure systems
  • Deep experience with cyber security in the domains of cyber threat intelligence and analysis, security monitoring and Incident Response
  • Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
  • Demonstrated sound understanding of at least 3 of the following standards: ISO 27001/27002, COBIT, ITIL, NIST, HIPAA, SOX and PCI
  • Ability to lead and provide direction to project teams
  • Strong consultative skills; ability to interface effectively with technical and non-technical leaders.
  • Understands Information Security as it relates to the business and other areas of IT; understands direct impacts and risks.

Categories

  • Information Technology

Randstad utilizes a technology-driven focus with a human touch to provide better staffing and business solutions to organizations around the world. Our team of experts match professionals with available career opportunities in a variety of fields.

Randstad Technologies