Responsible for tier 2 security incident investigation, and reporting
Manages SIEM front-end including workflow management, threat hunting assignments, threat intelligence ingests, rule/alert creation and maintenance, and can identify when an event is not parsed correctly
Completes monthly metrics collection and analysis of IR team effectiveness
Provides subject matter expertise, on-the-job training, and training materials for junior incident response analysts
Exact Job Title: | Security Incident Response Lead |
---|---|
Date Posted: | 15/03/2021 |
Valid Through: | 01/03/2022 |
Employment Type: | Full-time |
Base Salary: | $118,912.00 |
Hiring Organization: | Comtec Consultants |
Employer Overview: | Serves as IR escalation point of contact between tier 1 and 3 and between the clients and customer as required Reviews, updates, and maintains the SOCC’s IR Plan Provides on-call support when escalation is required or as required by the customer Maintains currency with threat intelligence and latest vulnerabilities “in-the-wild” Customizes IR monitoring strategies to improve detection capabilities and reduce time to detection Conducts security exercises to test SOCC readiness and capability Polls IR team for on-the-job knowledge and develops impromptu/informal training sessions to ensure the entire team is trained and ready to perform |
Education Requirements: | Bachelor’s Degree in Computer Science, Information Technology/Computer Information Systems, or related field with Cyber/Information Security. |
Experience Requirements: | 7+ years of information technology experience 4+ years of incident response experience Thorough understanding of system logs, log analysis, and packet analysis Functional knowledge of Cisco routers and switches and CLI configurations In-depth knowledge of SIEM functions threat hunting, correlation of events, dashboard creation, metrics development, and creating alerts based on threat intelligence and IOCs Thorough understanding of 2nd and 3rd order vulnerability mitigations beyond system patching cycles Ability to prioritize vulnerability mitigation efforts based on risk assessments Must have strong written and oral communication skills, be self-motivated and a self-starter, maintain a curiosity and desire to learn, and be able to work well in a team environment. |