Senior Security Incident Responder - job id 30495



Senior Security Incident Responder

Market Full Time Salary

Downtown, NYC - Financial District



How to Apply

Kyle Barlics

(732) 791-4723

(212) 616-4800 ext-580




A F/T position at a preeminent global financial services firm.

Pay Options: F/T Employee.

Contact Kyle Barlics. call (732) 791-4723 / (212) 616-4800 ext.580 or email kyle@sans.com with the Job Code KTB30495 or Click the Apply Now button.

Location: Downtown, NYC - Financial District.

Skills required for the position: SECURITY, TESTING, FORENSIC, AUTOMATION, SPLUNK.


Detailed Info: Seeking a hands-on senior member to assist the computer security incident response (CSIRT) function in performing incident response, campaign assessments, intelligence collection, and network- and host-based forensics. Responsible for the highest level of incident analysis, in-depth threat research, and leading and executing response and remediation plans.


The individual will lead investigations around potential intrusions, research cyber-attacks, malware, and threat actors to determine potential impact and provide remediation guidance.


- Investigate cyber security incidents and threats

- Interact with senior stakeholders and leadership teams as part of the response efforts

- Improve the detection, escalation, containment and resolution of incidents

- Enhance existing incident response methods, tools, and processes

- Collect, assess and catalogue threat indicators

- Maintain knowledge of the threat landscape by monitoring OSINT and related sources

- Tear apart a piece of malware to understand attack vector and likely purpose

- Assist during non-core business hours during an emergency, critical or large-scale incident


This position requires a detail-oriented, critical thinker who can anticipate issues and solve problems. Experience in an operational environment such as a SOC or CERT is required, as is demonstrable experience leading incidents and the ability to showcase community contributions via mailing lists and ISACs.

Development/Computing Environment: Strong experience with security products and technologies, especially related to event and incident handling (e.g., SIEM, HIDS/NIDS, AV, signature and behavioral-based systems).


- Excellent writing and presentation skills are required in order to communicate findings and recommendations and provide status on ongoing investigations

- Detailed technical understanding of security incidents and alerts

- Experience in malware analysis (static/behavioral), penetration testing and forensics

- Reverse engineering and malware analysis

- Deep familiarity with operating system and network concepts

- Ability to execute against high-level objectives

- Industry certifications: GCIH, GREM or other related SANS certifications

- Previous Team Lead Experience


Skills Desired

- Response workflow development and automation

- Splunk familiarity/experience is a plus.



The position offers a competitive compensation package.


Job Id: 30495