Chief Cybersecurity Specialist

Security Incident Responder

A prominent role in the organization exists for a seasoned Security Incident Responder. This individual will be tasked with protecting client assets and ensuring the security of client systems and data by promptly identifying, assessing, and responding to security incidents.

• Leading Security Incident Response Team: The successful candidate will lead and manage the Incident Response team, primarily responsible for directing security event monitoring, management, and response, as well as cyber intelligence.
• Incident Analysis: Investigate and analyze security incidents to determine their cause, scope, and impact.
• Documentation and Communication: Document incident response activities, including findings, actions taken, and lessons learned, while staying informed about the latest security threats, vulnerabilities, and industry best practices.
• Guidance and Support: Provide guidance and support to other team members on security incident response procedures and techniques, collaborating with internal teams to identify and address security gaps and weaknesses in our systems and processes.

The ideal candidate should have experience creating and updating various PowerShell scripts for Active Directory and Azure AD, as well as O365. They should be able to verify client remedial actions, providing feedback and verifying fixes to highlighted security issues. Additionally, research and maintain proficiency in computer network exploitation tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.

• Analytical Thinker: A strong analytical thinker willing to think outside the box to resolve customer-impacting situations on first contact, understanding customer risk profiles.
• Extensive Background: Extensive background in various operating systems (Windows, Unix, Linux), network firewalls, IPS, WAF, Web proxy, VPN, mail gateway, cloud (Azure, AWS), and security engineering concepts.
• Scripting Languages: Knowledge of scripting languages (Microsoft Sentinel and SNOW advantageous).
• Security Frameworks: Knowledge of leading security frameworks (ISO 27001, CE, Mitre Telecommunication ck, NIST-CSF).
• Communication and Interpersonal Skills: Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams.
• Certifications: Relevant certifications (Certified Incident Handler, GCIH, Certified Information Systems Security Professional, CISSP) are preferred.