
Incident Response Technical Lead

Request Technology - Robyn Honquest

Posted on Sep 17, 2021 by Request Technology - Robyn Honquest

Atlanta, GA 30301
Immediate Start
$145k - $175k Annual


Incident Response Cyber Security Technical Lead

Salary: $145k to $175k plus $15k to $20k bonus

Location: McLean, VA

Looking for a candidate with 8+ years of experience in security, SOC operations, incident response, IOC alert handling, security events, advanced threat detection, IDS/IPS network packet analysis, endpoint protection, and SIEM platforms (Splunk, ArcSight, QRadar). You will build capabilities that provide automated and proactive threat detection, threat intelligence and digital forensics. You will review new SIEM use cases and develop and update incident response playbooks.

*This position can be performed currently from a remote location in the U.S. but will require presence in a company office in the future.*

  • Coordinate response, triage and escalation of security incidents
  • Be responsible for understanding the threat landscape by working with other Cyber functions such as Threat Detection, Threat Intelligence, Digital Forensics etc., and for building and executing the required action plan
  • Act as a role model and provide tactical support to your peers and other security analyst teammates who deliver Cybersecurity's scaled threat response, assessment and response efforts, including mentoring and training other team members
  • Routinely participate in the review of new SIEM use cases, develop & update incident response playbooks to ensure response activities align with best practices
  • Lead technical activities, oversee tactical delivery of improvements to Cybersecurity's Incident Response processes
  • Support development of SOPs, Resiliency plans, and other necessary documentation to support Security Operations
  • Augment Incident response team to ensure 24/7 coverage and operations. Responsibilities sometimes will require working evenings and weekends, sometimes with little or no advanced notice
  • Provide thought leadership and guidance on intelligence/analytics research to build capabilities to provide automated and proactive detection and response to threats
  • Routinely brief and update senior leadership and other stakeholders on the active incidents and manage expectations
  • Build and leverage effective relationships across Information Security with functions such as Threat Intel, Forensics and Threat Detection, as well as with external teams in various lines of business, ensuring clear lines of communication and a comprehensive approach to security


  • 8+ years of Information Security experience
  • Bachelor's degree in Information Security, Computer Science, Information Technology, related field or equivalent work experience
  • 3-5+ years of hands-on Information Security SOC/Incident Response experience analysing IOCs/alerts as identified by SOC and Threat Intel teams
  • Proven experience in handling security events in mission critical environments; hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in solving day-to-day operational processes such as security monitoring, data correlation, security operations etc.
  • Good grasp of security incident response, such as different phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.
  • Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)
  • Demonstrated experience with utilizing SIEM such as Splunk (preferred), ArcSight, QRadar, etc. in investigating security issues and/or complex operational issues on Windows and Unix
  • Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases)
  • GCIH IA and Splunk Certified Professional certifications are preferred

Reference: 1325276100
