Lead incident response activities through forensic investigations, containment of security incidents, and provide guidance on long term remediation recommendations.
Investigate potential data breaches and malicious activity leveraging forensics tools; analyze Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs); examine firewall, web, database, and other log sources to identify evidence of malicious activity.
Evaluate the security program, technologies, controls, and business environments; and provide recommendations and develop enhancements.
Work with other analysts and direct incident response activities, including tracking and logging.
Coordinate with leadership team(s) on incident activities including the CISO, CIO, Legal, HR and Communications and other related business units.
Assist with developing Information Security Plans, Policies and Playbooks, specifically those related to Incident Response.
Coordinate IR tabletop exercises and simulations.
Provide recommendations on solutions to help manage information security risk.
Track emerging security practices and contribute to building internal processes and improving response capabilities.
Stay abreast of the current industry trends and related implications.
Bachelor’s Degree in Computer Science, Information Security, or other relevant areas.
Minimum of 5-7 years of incident response or digital forensics experience.
Demonstrated expert understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion tactics and techniques.
Knowledge of TCP/IP Protocols, network analysis and network/security applications, including log and network traffic capture analysis.
Experience with EnCase, FTK, SIFT, Volatility, Splunk, Magnet, ELK/Logstash, Wireshark, Carbon Black, or other open source forensic/log analysis/network analysis tools.
Knowledge of industry standard frameworks – NIST, ISO, HIPAA, PCI.
Self-motivated and comfortable working both independently and as part of a team.
Strong interpersonal communication skills (verbal & written); ability to work across business functions including Legal, HR, and Communications teams.
Aptitude to learn technical concepts, and ability to manage multiple tasks and projects.
Advanced degree or industry certifications such as CISSP, Ethical Hacking, GCFE, or CIH.
Candidate should be able to demonstrate additional knowledge and experience in the field of information security.
Benefits, Privileges and Growth Opportunities:
Over 31 benefits and privileges, including medical, dental, vision, 401k, a cash balance retirement plan, and more.
Equal Opportunity Affirmative Action Employer.
Commitment to serve a diverse customer population with diverse teams of teammates.
Over 100 years of success is an indication of the stability our workforce enjoys.