- 7+ years of total experience in Information Technology
- 3+ years of professional experience in an information security function, including analyzing and applying information security risk management, and privacy practices
- 2+ years in an information security incident handling role
- Strong understanding of network protocols and security technologies, including firewalls, intrusion detection systems, and encryption.
- Experience with open-source intelligence (OSINT) tools and techniques.
- Experience with cloud and physical forensic investigations, delivering executive reports
- Knowledge of red team/blue team exercises and experience participating in such exercises.
- Technical understanding of incident response frameworks and methodologies with a focus on automation.
- Experience with threat intelligence, SIEM, and SOAR platforms such as ThreatConnect/MISP, Snowflake/Splunk, and Swimlane/Demisto
- Expertise with commercial and open-source digital forensic toolsets such as EnCase, AccessData, SIFT, and Axiom
- Flexible working hours to support a global operation
- Required Interpersonal Skills
- Experience engaging with executive level individuals during the conduct of incident response
- Excellent oral and written communication ability
- Ability to present complex technical issues and findings to diverse audiences in both technical and non-technical parlance, both orally and in writing
- Diplomacy in working with customers and stakeholders
- Ability to follow policy and procedure
- Ability to work in a team and at times perform under stress
- Demonstrate integrity in dealing with potentially sensitive data and restricted information
- Exceptionally self-motivated, with superior analytical, evaluative, and problem-solving abilities
- Ability to set and manage priorities judiciously
- Required Technical Skills
- Knowledge of basic security principles to include confidentiality, integrity, and availability; access control, authentication, and authorization; privacy and non-repudiation
- Understanding of security vulnerabilities and exposures, and from where they arise
- Familiarity with the Internet, its network protocols, and network applications and services
- Knowledge of network security issues and host/system security issues
- Understanding of malicious code of various types and various threat vectors
- Experience with Risk Analysis and Risk Management
- Basic understanding of programming and scripting, advanced knowledge a plus
- Required Incident Handling Skills
- Presents a consistent front to customers and stakeholders through good communication and documentation
- Ability to synthesize data from technical skills listed above to understand and identify intruder techniques
- Ability to utilize interpersonal skills listed above to communicate with customers and stakeholders and bring quick resolution
- Demonstrated ability to analyze ongoing situations for the potential of a security incident
- Ability to maintain incident records in support of recovery, regulatory and legal requirements
- Familiar with ITIL service management methodology.
- Prior experience in a 24x7x365 operations environment.
- Strong technical skills in security assessments of external service providers, providing security guidance, and participating in mock security breach exercises
- Experience with GDPR and GDPR compliance implementations
- Experience with, or SME-level knowledge of, ISO 27001, NIST SP 800-53, NIST CSF and PCI DSS
- Preferred certifications: CISSP, ITIL, GCIH, CERT/CC CSIH, GCTI, GCFR, GCFA, GIME, GCFE
- Multiple language capability desired