IT Security Incident Response Lead at Comtec Consultants

Company: Dyrectory
Location: Orlando
Closing Date: 24/10/2024
Salary: £100 - £125 Per Annum
Hours: Full Time
Type: Permanent
Job Requirements / Description

300 Malabar Rd SE
Brevard County, Florida 59128 United States

Responsibilities:
Responsible for tier 2 security incident investigation and reporting.
Manages SIEM front-end including workflow management, threat hunting assignments, threat intelligence ingests, rule/alert creation and maintenance, and can identify when an event is not parsed correctly.
Completes monthly metrics collection and analysis of IR team effectiveness.
Provides subject matter expertise, on-the-job training, and training materials for junior incident response analysts.

Features

Exact Job Title: Security Incident Response Lead
Date Posted: 03/15/2021
Valid Through: 03/01/2022
Employment Type: Full-time
Base Salary: $118,912.00

Hiring Organization: Comtec Consultants

Employer Overview:
Serves as IR escalation point of contact between tier 1 and 3 and between the clients and customer as required.
Reviews, updates, and maintains the SOCC’s IR Plan.
Provides on-call support when escalation is required or as required by the customer.
Maintains currency with threat intelligence and latest vulnerabilities “in-the-wild”.
Customizes IR monitoring strategies to improve detection capabilities and reduce time to detection.
Conducts security exercises to test SOCC readiness and capability.
Polls IR team for on-the-job knowledge and develops impromptu/informal training sessions to ensure the entire team is trained and ready to perform.

Education Requirements:
Bachelor’s Degree in Computer Science, Information Technology/Computer Information Systems, or related field with Cyber/Information Security.

Experience Requirements:
7+ years of information technology experience.
4+ years of incident response experience.
Thorough understanding of system logs, log analysis, and packet analysis.
Functional knowledge of Cisco routers and switches and CLI configurations.
In-depth knowledge of SIEM functions, threat hunting, correlation of events, dashboard creation, metrics development, and creating alerts based on threat intelligence and IOCs.
Thorough understanding of 2nd and 3rd order vulnerability mitigations beyond system patching cycles.
Ability to prioritize vulnerability mitigation efforts based on risk assessments.
Must have strong written and oral communication skills, be self-motivated and a self-starter, maintain a curiosity and desire to learn, and be able to work well in a team environment.
