Incident Response Team Lead

About The Position

Requirements

• Minimum five (5) years of progressive experience in cybersecurity, information security, security engineering, network engineering, incident response, systems architecture, or data management with a cybersecurity focus.
• Bachelor’s degree in Computer Engineering, Computer Science, Information Technology, or Cybersecurity (or eight (8) years of relevant work experience in lieu of degree)
• Required Certification: Certified Information Systems Security Professional (CISSP)
• Proficient experience with: Security Information and Event Management (SIEM) systems Endpoint Detection & Response (EDR) tools Intrusion Detection & Prevention Systems (IDS/IPS) Digital forensic and case management platforms
• Proven experience leading cyber incident response efforts and coordinating with technical and non-technical stakeholders.
• Clearance: TS/SCI Clearance required

Nice To Haves

• Knowledge and experience with scripting and programming (Python, PERL, etc.) are also highly preferred
• Desirable certifications include, but not limited to: GCIH, GCIA, GCFE, GREM, GCFA, GSEC Security + CEH, CISSP, CCNA (Security) or equivalent Certifications.
• CySA+

Responsibilities

• Utilize state-of-the-art technologies such as host forensics tools (FTK/Encase), Endpoint Detection & Response tools, log analysis (Splunk), and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network-based data
• Conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response
• Recognize attacker and APT activity, tactics, and techniques that can be used to improve monitoring, analysis, and incident response
• Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes
• Lead Incident Response activities and mentor junior staff
• Work with key stakeholders to implement remediation plans in response to incidents
• Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership
• Author Standard Operating Procedures (SOPs) and training documentation when needed
• Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty

Benefits

• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave.