SSUSA Job #779: Security Monitoring & Incident Response Specialist
Job Description
SECURITY MONITORING AND INCIDENT RESPONSE SPECIALIST
Responsibilities:
· Monitor for threats and vulnerabilities through a combination of automated and manual processes and respond accordingly. As a continuous feedback loop, incorporate learnings into additional preventive and detective controls
· Research and develop risk mitigating approaches and drive response and remediation
· Expand the usage of security monitoring tools to improve the security of the environment, including detection, prevention and policy enforcement; Define security configuration for monitoring tools, including alerts, correlation rules, and reporting. Leverage a combination of vendor products and services, open source and custom developed utilities
· Serve as a subject matter expert for security monitoring and incident response related knowledge domain and tools
· Stay abreast of the latest information security controls, practices, techniques and capabilities in the marketplace; Lead internal skills development activities for information security personnel on the topic of security monitoring and incident response, by providing mentoring and by conducting knowledge sharing sessions
· Perform all phases of incident response life cycle: analysis, containment, eradication, remediation, recovery; Conduct forensics (e.g. host based disk and memory, as well as network) and analysis to determine root cause and impact
Qualifications:
· Minimum five years security monitoring experience and incident response activities; preferably within a professional services firm or similar environment
· Bachelor’s degree from an accredited college or university
· Experience in security monitoring, security operations, and incident response activities; Experience defining security monitoring rules, monitoring events, assessing risk, responding to incidents and providing security oversight related to the security features of IT tools supported by the IT operations teams; Strong trouble-shooting and organizational skills and ability to work on multiple projects simultaneously
· Understanding of network and system intrusion and detection methods; Examples of related technologies include Splunk, Next Generation Endpoint Protection Platforms (EPP), Security information and event management (SIEM), hacking tools techniques and procedures
· Experience with malware analysis, endpoint lateral movement detection methodologies and host forensic tools; Understanding of network protocol analysis
SEND YOUR RESUME TO JOBS@SSUSA.COM
ATTENTION JOB-779
Job Location
New York City/New Jersey
Position Type
Permanent
Salary Range
TBD