Mooresville, NC, United States
#LI-CM2
Relevant Experience (in Yrs): 8 years and above
Must Have Technical/Functional Skills
- Lead security incidents from a technical perspective; responsible for responding to security incidents, including major ones, and performing forensics, data gathering and communications tasks as required.
- Analyze network traffic to identify malicious activity or compromised systems and prevent successful attacks.
- Investigate data breaches and malicious activity using forensics tools; analyze Windows and Linux systems in cloud environments to identify Indicators of Compromise (IOCs) and Indicators of Attack (IOAs); examine firewall, web, database, and other log sources to identify evidence of malicious activity.
- Work closely with engineering teams to continuously provide technology requirements and use cases for enabling technologies, including but not limited to SIEM, SOAR, case management, EDR, intrusion detection systems, HIPS, web proxy/content filtering, Active Directory, and any other tools needed.
- Lead, build, and maintain DFIR runbooks and response procedures.
- Mentor and lead incident responders from a technical perspective.
- Technical cloud IR and cloud forensics SME.
- Drive security incident lessons learned back into the business.
- Build and advance our Security Incident Response program through implementation of incident management best practices.
- Serve as an escalation point for complex security incidents and act as incident manager to coordinate response efforts across multiple teams and time zones.
- Work across various security teams to influence our signal collection, prevention, and detection strategies.
- Build strong relationships with the other technical teams across our engineering and infrastructure functions.
- Responsible for the continuous maturity of incident response processes and the management of a globally distributed incident response team.
- Perform root cause analysis and guide junior analysts to recommend security improvements that prevent future incidents or events similar to those seen in the past. Ensure peer review happens as much as possible.
- Own and ensure that documentation of processes and procedures is current.
- Develop and conduct tabletop exercises.
- Maintain situational awareness of cyber threats across the global firm and take action where necessary.
- Lead or participate in information security-related projects or in managing strategy.
- Develop new forensic, detective, and investigative capabilities using current technical solutions.
- Work with various business units and technical disciplines in a security consultant role for cyber threats.
- Adapt defense and detection capabilities based on intelligence obtained externally or from previous incidents, including threat intelligence and threat hunting.
- Help automate the team's repetitive tasks and make processes more efficient.
- Drive incident response engagements through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations.
- Track emerging security practices and contribute to building internal processes and our various products.
- Contribute to the technical strategy and act in an advisory capacity to colleagues. Use specialized expertise in one or more areas to interpret internal or external business issues and recommend best practices.
- Possess specialized expertise in own job family/discipline and working knowledge of other related job families/disciplines.
- Contribute ideas and influence technical decisions.
- Solve highly complex problems. Is able to identify viable and often innovative options and use analytic