Senior Cyber Security Incident Responder

Remote Full-time
About the position

Responsibilities
• Work with senior management to develop and maintain CSIRT process and practice documents
• Lead CSIRT service transition and serve as a trusted advisor to manage customer expectations
• Review incident response activities and documentation efforts of the support team and provide feedback as necessary
• Provide or arrange for necessary training for the support team on CSIRT methods and/or security tooling used in the client environment
• Receive and monitor incident information from Verizon managed security services and other sources
• Oversee creation of Threat Intel Reports for security threats that might impact the client environment or be of interest to the client
• Review the collected incident data and confirm or reject incidents based on the analysis
• Classify and prioritize incidents based on established criteria
• Facilitate communication between stakeholders on the status of incidents through weekly and/or monthly meetings and reports
• Coordinate at least annual Table Top Exercises for the team and client security team training needs
• Coordinate the containment effort based on the available information and established processes
• Make containment decisions and facilitate decision making by other parties using the established escalation process
• Communicate with the affected users and stakeholders to organize the containment effort
• Verify the effectiveness of containment actions taken
• Identify the attack vector used by the incident and take actions to confirm that similar incidents are prevented in the future
• Validate the effectiveness of the eradication actions
• Coordinate forensics and law enforcement activities with officials if necessary
• Coordinate the recovery actions; confirm that the recovery effort was successful; and confirm that all temporary containment efforts have been removed
• Update stakeholders on the status of the recovery effort
• Conduct a root cause analysis for Critical or High incidents
• Communicate the results of the root cause analysis to Customer and stakeholders to prevent similar incidents in the future
• Analyze the incident response effort, with feedback from Customer and third parties. Identify and analyze any mistakes as well as good decisions made during the response process
• Use the results of the analysis as an input for improvements, such as incident response process changes or changes in security monitoring

Requirements
• Bachelor's degree or four or more years of work experience
• Four or more years of relevant work experience
• Relevant work experience in: a cybersecurity capacity, responding to cybersecurity incidents, triaging, and/or investigating cybersecurity incidents

Nice-to-haves
• Bachelor's degree or Master's degree in Computer Science, Cyber Security or related technical or business field
• Strong background in CSIRT and SIEM technologies
• Splunk experience and certification
• Proven background using various EDR tools like Carbon Black, Crowdstrike or Tanium
• Strong communication skills and ability to engage with customers at both technical and executive levels
• Clear and concise written and oral communication, including the ability to produce professional-level documentation
• Strong problem-solving and security analytics skills; able to identify gaps in processes and recommend improvements for mitigation
• Strong leadership skills and a proactive approach to customer issues with background leading a remote team
• Ability to excel in high pressure environments
• SANS or other Security Certifications, such as GCIA, GCIH, GCFE, GREM, GPEN, CEH
• CISSP Certification
• CISM Certification
• ITIL Foundations training / Certification
• Significant experience with how to structure and operate an efficient Incident Response process
• Knowledge of common types of malware, their infection vectors, how to identify them using network and host based tools, how to eradicate them and verify the success of eradication efforts
• Knowledge of current security threats and vulnerabilities, how to detect and mitigate them, ability to understand their possible consequences on the customer's environment
• Understanding of modern technologies used to detect malware and vulnerabilities and protect assets
• Understanding of modern network and cloud technologies
