Position: Cyber Security Incident Response Lead Manager
Location: REMOTE in CA
Duration: 12+ Months Contract
Job Description:
Technical Proficiency:
In-depth knowledge of incident triage, telemetry, log analysis, and endpoint security
Ability to understand and assess various cyber security incidents, including account and endpoint compromises
Framework Knowledge:
Strong familiarity with NIST Framework, specifically NIST 800-53
Ability to reference and apply frameworks in practical scenarios
Cybersecurity Forensic Analysis:
Proficient in cybersecurity forensic analysis techniques and tools
Communication Skills:
Exceptional verbal and written communication skills, capable of presenting complex information clearly to diverse audiences, including C-level executives
Documentation:
Proficient in developing, maintaining, and improving incident response documentation and reporting
Ensures detailed and accurate documentation of incidents and responses
Interpersonal Skills:
Ability to navigate and influence strong personalities, especially within executive leadership across multiple departments
Excellent interpersonal skills to handle high-pressure situations effectively
Meeting Leadership:
Proven ability to lead and direct meetings effectively
Presentation Skills:
Strong presentation and verbal communication skills.
Minimum Qualifications:
A minimum of 2 years of recent experience within the last 3 years in triaging cyber security events and alerts
This includes identifying and prioritizing security incidents, assessing the potential impact and scope, and initiating appropriate response actions
Leadership Experience:
At least 2 years of recent experience within the previous 3 years as a lead cyber security incident response manager
This involves overseeing the incident response process, coordinating with multiple teams and departments, and ensuring effective resolution of security incidents
Extended Detection and Response (XDR) Console:
3 years of experience working with an Extended Detection and Response (XDR) console
This includes configuring, monitoring, and managing the XDR system to detect and respond to advanced threats across multiple security layers
E-Discovery Processes:
3 years of experience conducting e-discovery processes for major cyber security events
This involves collecting, preserving, and analysing digital evidence to support incident investigations and legal proceedings
Endpoint Security Products:
3 years of experience working with endpoint security products
This includes deploying, configuring, and managing endpoint protection solutions to safeguard against malware, ransomware, and other threats targeting endpoint devices
Security Information and Event Management (SIEM):
3 years of experience working within a Security Information and Event Management (SIEM) solution
This involves setting up and maintaining the SIEM system, creating and tuning detection rules, and analysing security events and logs to identify potential security incidents
Log Analysis and Investigation:
3 years of experience analysing and investigating system and security logs
This includes reviewing logs from various sources such as network devices, servers, and applications to detect anomalies, identify indicators of compromise, and support incident response efforts.