Enterprise Cybersecurity Leader

Key Responsibilities:

• Review proposed change requests to rules or policies for firewalls, routers and access control lists.
• Perform regular reviews or audits of deployed rule sets to identify drift from baseline.
• Perform real-time security monitoring for potential cybersecurity threats.
• Analyze alerts and coordinate responses with senior analysts.
• Perform triage of potential security incidents in accordance with SOC case handling procedures, alert handling procedures and customer-specific procedures.
• Perform continuous improvements on services by identifying and correcting problems and gaps in knowledge and document materials.

• Knowledge of network protocols including TCP/IP, LAN/WAN, routing, HTTP, DNS and SMTP.
• Working knowledge of network security technologies including:
• Firewalls.
• Network IDS/IPS solutions.
• Network monitoring solutions.
• Switch/router ACLs.
• Network Access Control solutions.
• Web Application Firewalls.
• Proxy servers and secure web gateways.
• 5+ years hands-on experience with SIEM, IDS/IPS, EDR and other security technologies.
• Experience with Unix/Linux/Windows operating systems.
• Working knowledge of shell/bash/python.
• Excellent written and verbal communication skills, with experience presenting technical information to both technical and non-technical audiences.
• 3+ years professional experience working with enterprise network solutions.
• CCNA, CCDA, CCNP or Network+ certification required.

As a cybersecurity operations and incident response leader, you will manage local and remote team members. You will utilize your experience to manage daily security monitoring and investigation tasks as well as leading the response to security incidents.

Primary responsibilities include:

• Managing change requests to rules or policies for firewalls, routers and access control lists.
• Performing regular reviews or audits of deployed rule sets to identify drift from baseline.
• Performing real-time security monitoring for potential cybersecurity threats.
• Analyzing alerts and coordinating responses with senior analysts.
• Performing triage of potential security incidents in accordance with SOC case handling procedures, alert handling procedures and customer-specific procedures.
• Performing continuous improvements on services by identifying and correcting problems and gaps in knowledge and document materials.

This role requires strong leadership and analytical skills, with the ability to work effectively in a fast-paced environment. You will be responsible for managing local and remote team members, as well as leading the response to security incidents.

Required qualifications include:

• Knowledge of network protocols including TCP/IP, LAN/WAN, routing, HTTP, DNS and SMTP.
• Working knowledge of network security technologies including:
• Firewalls.
• Network IDS/IPS solutions.
• Network monitoring solutions.
• Switch/router ACLs.
• Network Access Control solutions.
• Web Application Firewalls.
• Proxy servers and secure web gateways.
• 5+ years hands-on experience with SIEM, IDS/IPS, EDR and other security technologies.
• Experience with Unix/Linux/Windows operating systems.
• Working knowledge of shell/bash/python.
• Excellent written and verbal communication skills, with experience presenting technical information to both technical and non-technical audiences.
• 3+ years professional experience working with enterprise network solutions.
• CCNA, CCDA, CCNP or Network+ certification required.

You will be working in a dynamic and challenging environment, with opportunities for growth and development. If you are a motivated and experienced professional looking for a new challenge, we encourage you to apply.