EMC Insurance Group Inc. Des Moines , IA 50301
Posted 4 days ago
At EMC, you'll put your skills to good use as an important member of our team. You can count on gaining valuable experience while contributing to the company's success. EMC strives to hire and retain the best people by engaging, developing and rewarding employees.
Plans, designs, implements, and matures cybersecurity tooling and processes. Evaluates information systems and collaborates with security architecture and engineering on complex security-related projects. Performs research and development involving advanced topics, threats, and techniques. Serve as cybersecurity operations center escalation point for SOC team members and peer team. Performs advanced cybersecurity activities such as threat hunting, threat intelligence, purple teaming, attacker emulation, controls testing, and leading incident response tasks and readiness.
Essential Functions:
Serves as security operations center team lead and as second level security incident response escalation point of contact.
Researches and resolves complex escalated alerts and incidents, such as advanced threats, malware, and security incidents, utilizing cybersecurity tools, such as SIEM and SOAR and remediates.
Leads complex incident response activities which involves meeting with Legal, IT and other department leaders.
Provides support and guidance to team with incident response teams and activities as needed.
Plans, coordinates, and executes regular incident response preparedness, including tabletop exercises.
Configures and administers complex cybersecurity systems, including vulnerability management, SIEM detection and alert development, EDR detections and exclusions, SOAR playbooks, and writing scripts for automations.
Verifies that adequate security controls and recovery requirements remain in effect as system changes are performed.
Leads and designs controls testing to ensure compliance with cybersecurity controls and standards.
Collaborates with Cybersecurity Engineers to guide enterprise system administrators on complex cybersecurity issues and concerns.
Develops vendor relationships, including understanding and evaluating emerging technologies of existing vendors and provides recommendation that strategically aligns to roadmap.
Education & Experience:
Bachelor's degree in a computer related field or equivalent relevant experience
Five years of experience in information security or related experience
Security certifications (CySA+, CISSP, Security+, CEH) preferred
Knowledge, Skills & Abilities:
Excellent knowledge of commonly used concepts, practices, and procedures within the field of information security
Excellent knowledge of SIEM and SOAR technologies
Strong knowledge IPS/IDS rules and policies
Strong knowledge in one or more scripting languages, preferably Python
Strong knowledge of protecting endpoints both cloud and on-premises
Strong knowledge of vulnerability management and remediation and related security tools
Strong knowledge of threat detection and response solutions
Strong knowledge of enterprise system administration
Excellent analytical and problem-solving abilities
Excellent incident response skills including leading large group of various levels of the organization
Excellent verbal and written communication skills
Strong human relations and customer service skills
Strong organizational and multi-tasking skills
Our employment practices are in accordance with the laws that prohibit discrimination due to race, color, creed, sex, sexual orientation, gender identity, genetic information, religion, age, national origin or ancestry, physical or mental disability, medical condition, veteran status, active military status, citizenship status, marital status or any other consideration made unlawful by federal, state, or local laws.
All of our locations are tobacco free including in company vehicles.
EMC Insurance Group Inc.