Lead initiatives including the research, analysis, design, testing, and implementation of computer network security and protection technologies for company information and network systems and applications
Review and analyze computer security incident response activities and technical investigations of information security-related incidents
Identify vulnerabilities and assign each a severity rating derived from its impact and ease of exploitation
Conduct security risk assessments to ensure compliance with corporate information security policies and adherence to best practices
Communicate to the line of business on the inherent risks and provide meaningful mitigation strategies
Support company-wide security awareness efforts and train information owners in the appropriate use of information and the implementation of necessary computer security controls and/or systems
Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals
Triage customer requests, apply playbook-driven solutions, initiate potential incident investigations by assigning them to support engineers, and assist the engineers with the use of web-based resources to determine whether a given event is a real incident or, just as importantly, benign
Respond to security incidents; perform forensics activities and root cause analyses
Top Skills:
Incident Analysis and Response
Strong networking and Systems Security skills
VAPT – Vulnerability Assessments and Penetration Testing
Minimum Qualifications:
Bachelor's degree in Computer Science or related field, or equivalent work experience
Relevant work experience, preferably in information security
Prior experience in Computer Incident Response Team (CIRT)/Computer Emergency Response Team (CERT), or a Security Operations Center (SOC)
Extensive experience in network security monitoring, network packet analysis, and host and server forensics
Desired Qualifications:
Prior SIEM (Security Information and Event Management) experience, including log aggregation and event notification tools such as Splunk, Exabeam, or Rapid7
Knowledge of or experience with other tools such as ESET, CrowdStrike, Carbon Black, and Cisco Umbrella
CISSP or GSEC (SANS SEC401) certification is desirable
SANS certifications such as GREM, GCFA, or GNFA, or related certifications such as EnCE, are also preferred
Experience with well-known commercial and open-source network and/or host forensic tools, and with OSINT