Description

  • Provide Tier 2 incident response services to the global organization on behalf of the Information Security Team.
  • Receive, process, and resolve tickets per defined SLAs.
  • Analyze information garnered from monitoring systems, operational incidents, and other sources to determine the scope and impact of potential security incidents, and process accordingly.
  • Critically assess current practices and provide feedback to management on improvement opportunities.
  • Assist with the design and implementation of threat detection and prevention solutions identified as necessary for the protection of Firm assets.
  • Effectively utilize common IR toolsets, platforms, and processes, such as SIEM, log management, packet capture, and breach detection systems.
  • Provide assistance with forensic examinations and chain-of-custody procedures as directed by the Security Incident Response Engineers.
  • Provide input into standards and procedures.
  • Report compliance failures to management for immediate remediation.
  • Maintain assigned systems to ensure availability, reliability, and integrity, including oversight of current and projected capacity, performance, and licensing.
  • Provide status reports and relevant metrics to the Security Operations Manager.
  • Contribute to the Firm's security-related information repositories and other marketing/awareness endeavors.
  • Participate in special projects as needed.
  • Provide exemplary customer service by striving for first-call resolution and demonstrating empathy, respect, professionalism, and expertise.

Required Skills:

  • Foundational knowledge of IR concepts and best practices, including forensics and chain-of-custody.
  • Broad understanding of TCP/IP, DNS, common network services, and other foundational topics.
  • Working knowledge of malware detection, analysis, and evasion techniques.
  • Broad familiarity with the threat landscape and the ability to adapt practices to evolving circumstances.
  • Ability to gather and analyze facts, draw conclusions, define problems, and suggest solutions.
  • Ability to maintain critical thinking and composure under pressure.
  • Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents. Proficiency in oral and written English.
  • Capable of providing assistance with the preparation of internal training materials and documentation.
  • Ability to be productive and maintain focus without direct supervision.
  • Passionate in the practice and pursuit of IR excellence.
  • Exhibits a disciplined and rigorous approach to incident handling.
  • Willing to accommodate shift-based work for a global organization.

Required Experience:

  • Possess a Computer Science Bachelor's Degree or substantial equivalent experience.
  • 5-8 years of professional experience in information security with a focus on incident response and forensics.
  • Experience with common IR tools such as SIEM, log management, IDS, breach detection systems (APT/BDS), and packet capture.

Special Requirements, Licenses, and Certifications

  • GIAC GSEC, GCIA, GMON, or GCIH
  • CISSP or SSCP desired.