IT Security Incident Response Lead at Comtec Consultants

300 Malabar Rd SE
Aviston, Illinois 59128 United States

About

Responsible for tier 2 security incident investigation, and reporting
Manages SIEM front-end including workflow management, threat hunting assignments, threat intelligence ingests, rule/alert creation and maintenance, and can identify when an event is not parsed correctly
Completes monthly metrics collection and analysis of IR team effectiveness
Provides subject matter expertise, on-the-job training, and training materials for junior incident response analysts
 

Features

Exact Job Title: Security Incident Response Lead
Date Posted: 03/15/2021
Valid Through: 03/01/2022
Employment Type: Full-time
Base Salary: $118,912.00
Hiring Organization: Comtec Consultants
Employer Overview: Serves as IR escalation point of contact between tier 1 and 3 and between the clients and customer as required
Reviews, updates, and maintains the SOCC’s IR Plan
Provides on-call support when escalation is required or as required by the customer
Maintains currency with threat intelligence and latest vulnerabilities “in-the-wild”
Customizes IR monitoring strategies to improve detection capabilities and reduce time to detection
Conducts security exercises to test SOCC readiness and capability
Polls IR team for on-the-job knowledge and develops impromptu/informal training sessions to ensure the entire team is trained and ready to perform
Education Requirements: Bachelor’s Degree in Computer Science, Information Technology/Computer Information Systems, or related field with Cyber/Information Security.
Experience Requirements: 7+ years of information technology experience
4+ years of incident response experience
Thorough understanding of system logs, log analysis, and packet analysis
Functional knowledge of Cisco routers and switches and CLI configurations
In-depth knowledge of SIEM functions threat hunting, correlation of events, dashboard creation, metrics development, and creating alerts based on threat intelligence and IOCs
Thorough understanding of 2nd and 3rd order vulnerability mitigations beyond system patching cycles
Ability to prioritize vulnerability mitigation efforts based on risk assessments
Must have strong written and oral communication skills, be self-motivated and a self-starter, maintain a curiosity and desire to learn, and be able to work well in a team environment.

Location