Incident Response Cyber Security Technical Lead

Posted on Feb 26, 2021 by Request Technology

Virginia, VA
IT
Immediate Start
$145k - $170k Annual
Full-Time


*We are unable to sponsor as this is a permanent full time role*

A prestigious Fortune 500 company is on the search for an Incident Response Cyber Security Technical Lead. This company is looking for someone with 8+ years of experience with SOC incident response, IOC alert handling, advanced threat detection, IDS/IPS, endpoint protection and SIEM. They are looking for someone with experience with the Splunk, ArcSight, and QRadar SIEM products. This person will build capabilities that provide automated and proactive detection, work with threat detection, threat intelligence, and digital forensics, review new SIEM use cases, and develop and update incident response playbooks.

Responsibilities:

  • Coordinate response, triage and escalation of security incidents
  • Be responsible for understanding the threat landscape by working with other Cyber functions such as Threat detection, Threat Intelligence, Digital Forensics etc. and in building & executing required action plan
  • Act as a role model and provide tactical support to your peers and other security analyst teammates, who deliver Cybersecurity's scaled threat response, assessment and response efforts, including mentoring and training other team members
  • Routinely participate in the review of new SIEM use cases, develop & update incident response playbooks to ensure response activities align with best practices
  • Lead technical activities, oversee tactical delivery of improvements to Cybersecurity's Incident Response processes
  • Support development of SOPs, Resiliency plans, and other necessary documentation to support Security Operations
  • Augment the Incident Response team to ensure 24/7 coverage and operations. Responsibilities will sometimes require working evenings and weekends, sometimes with little or no advance notice
  • Provide thought leadership and guidance on intelligence/analytics research to build capabilities to provide automated and proactive detection and response to threats
  • Routinely brief and update senior leadership and other stakeholders on the active incidents and manage expectations
  • Build and leverage effective relationships across Information Security with functions such as Threat Intel, Forensics and Threat Detection, as well as with external teams in various lines of business, ensuring clear lines of communication and a comprehensive approach to security

Qualifications:

  • 8+ years of Information Security experience
  • Bachelor's degree in Information Security, Computer Science, Information Technology, related field or equivalent work experience
  • 3-5+ years of hands-on Information Security SOC/Incident Response experience analysing IOCs/alerts as identified by SOC and Threat Intel teams
  • Proven experience in handling security events in mission critical environments; hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in solving day-to-day operational processes such as security monitoring, data correlation, security operations etc.
  • Good grasp of security incident response, such as different phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.
  • Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)
  • Demonstrated experience utilizing SIEMs such as Splunk (preferred), ArcSight, QRadar, etc. to investigate security issues and/or complex operational issues on Windows and Unix
  • Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases)
  • GCIH or GCIA and Splunk Certified Professional certifications are preferred

Reference: 1109411025
