Associate

Job Description (Posting).

IT Senior Security Incident Response Engineer

• Telecommute

• Grade 28 (Contractor)

Please note this will be shift work

• Monday to Friday 3pm 12am CT

Purpose of Job: This role is an individual contributor for the Security Incident Response Team. As the

team has developed into a 24/7 365 operation, we require strong individual contributors that will

investigate, analyze and contain security incidents.

Major Responsibilities

Perform analysis on cybersecurity alerts in both On-Premises or Cloud environments

Produce detailed incident reports and security recommendations

Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated,

time sensitive environment

Manage containment and remediation efforts of affected assets, IOCs, and TTPs

Hold stakeholders accountable for remediation actions

Integrate and collaborate with other subject matter experts throughout the organization

Influence the creation and/or adoption of new standards and procedures

Identify deficiencies in processes and tools, recommend security controls and/or corrective

actions for mitigating technical and business risk. Contribute to Lessons Learned Meetings.

Monitor security intake technologies for reports of security incidents

Qualifications

4 or more years of IT Security or Cyber Security experience in any of the following areas:

o Incident Response

o Email Security

o Data Protection\Governance

o Cybersecurity threat detection, monitoring and reporting

o Cyber Intelligence and Threat Hunting

o Vulnerability Management

Experience analyzing attack vectors, current threats, and security remediation strategies

Experience with SIEM technologies, EDR technologies, and/or Asset isolation tools

o SIEM: Splunk, Sentinel, etc

o EDR: Microsoft Defender, Tanium, TrendMicro VisonOne, etc

Networking experience (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System

Administration, and Security Architecture

High-level familiarity of global privacy regulations (NY Cyber, GDPR, LGPD, CERT-In)

Experience in public cloud platforms, including Azure, AWS, and Google Cloud Platform

Assets

Undergraduate degree or equivalent experience

Spanish Language skills

PowerShell, KQL, or Python scripting experience

CISSP, CISA, GCIH, CEH, CHFI, CCSP, SEC+, Net+, A+

Understanding of NIST 800-61, Cyber Kill Chain, and MITRE ATT&CK framework (1.) Depending on the work environment, the subject matter expert may lead or be an active participant of a work-group with the need for specialized knowledge. (2.) Meet all agreed-upon turnaround times for deliverables, deliverable reviews, or deliverable sign-off (3.) Understands, articulates and implements best practices related to his area of expertise. (4.) Provides guidance on how his area of capability can resolve an organizational need and actively participates in all phases of the solution life cycle. Design Solutions and best practices to meet clients objective. (5.) Work with clients to identify business challenges and contribute to client deliverables by refining, analyzing, and structuring relevant data