CSIRT TEAM LEAD

Incident Response Lead

Are you looking for a work environment where you can innovate, reach greater heights and collaborate with experts from a wide range of sectors? You want to join a world-class company and industry leader with projects to which you would be proud to contribute? Come share your passion with us!

The role we are offering you:

We are seeking a Incident Response Lead to join our Security team supporting our global network.

The Incident Response Lead will work collaboratively to lead and define the Incident Response program. Additional responsibilities include detection and responding to security incidents, maintain and follow procedures for security event alerting, and participate in security investigations.

Are you ready to:

• Lead the Incident Response Process u2013 Owns the critical process steps u2013 detection, validation, containment, remediation, and communication u2013 for computer-based security events and incidents such as malware infections, potential compromise, Distributed Denial of Service (DDoS), etc.

• CSIRT Team Lead u2013 Respond to critical security incidents and lead escalation teams to close with response, containment and remediation.

• Security Operations Playbooks u2013 Create, maintain and promote a set of security operation playbooks

• Support the security team by contributing to the resolution of computer security incidents

• Act as an expert in security incident response within the security operations team

• Analyze security alerts from various security monitoring tools & platforms

• Perform triage, assess the scope of threats and escalate as necessary

• Develop the teamu2019s response capabilities to all types of cyber security incidents

• Security Incident Management: Investigate, analyze, coordinate and report on all security events, incidents and intrusions; track incidents through analysis, diagnosis, correction and resolution

• Other activities as they relate to improving the firmu2019s posture towards cyber security incident response

• Security Assessments: Perform periodic network security assessments and review for evidence of vulnerability or compromise, and assist or coordinate mitigation and remediation

• Research: Assist in the study of vendors and technology for network and desktop security to determine those which best meet the needs of the organization

• Subject Matter Expert: Serve as an expert technical resource, to advise and assist in security issues, both proactively and reactively

• Ensure the integrity of data and systems, security of confidential information, and protection of physical property

• Collaborate with multiple cross-functional IT teams as well as non-IT business units as required

Our ideal candidate has:

• University degree, technical degree or relevant work experience u202F

• 2+ years in an incident response role.

• Deep knowledge of Operating Systems, Network infrastructure and IT Security solutions

• Working knowledge of incident management, case management and investigation practices

• Demonstrated experience supporting and leading investigations

• Demonstrated experience developing incident run books

• Excellent facilitation and communication skills - ability to coordinate and develop communication outside the team

• Ability to provide coverage and willingness to support a flexible work schedule

• Proactive, accountable, self-directed, humble and solution oriented

• Strong critical thinking and analysis skills

• Scripting knowledge such as Python, PowerShell, etc.