Job Responsibilities

● Lead initiatives including the research, analysis, design, testing, and implementation of computer network security and protection technologies for company information and network systems and applications.

● Review and analyze computer security incident response activities and technical investigations of information security-related incidents.

● Identify vulnerabilities and associate those to a severity rating by deriving impact and ease of exploit.

● Conduct security risk assessments to ensure compliance with corporate information security policies and adherence to best practices.

● Communicate to the line of business on the inherent risks and provide meaningful mitigation strategies.

● Support company-wide security awareness efforts and train information owners in the appropriate use of information and the implementation of necessary computer security controls and/or systems.

● Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals.

● Triage customer requests, apply playbook-driven solutions, initiate potential incident investigations through assignments to support engineers, and assist the engineers with the use of web-based resources to determine if a given event is potentially real, or more importantly that it is benign.

● Respond to security incidents; perform forensics activities and root cause analyses.

Top Skills:

● Incident Analysis and Response

● Strong networking and Systems Security skills

● VAPT – Vulnerability Assessments and Penetration Testing

Minimum Qualifications:

● Bachelor's degree in Computer Science or related field, or equivalent work experience

● Relevant work experience preferably within security information technology

● Prior experience in Computer Incident Response Team (CIRT)/Computer Emergency Response Team (CERT), or a Security Operations Center (SOC)

● Extensive experience in network security monitoring, network packet analysis, host, and server forensics

Desired Qualifications:

● Prior SIEM experience – Security Information & Event Management system, log aggregation, and event notification tool experience such as Splunk, Exabeam Rapid7.

● Knowledge or experience with other tools like ESET, Crowd Strike, Carbon Black, and Cisco Umbrella.

● CISSP, GSEC (SANS 401) certification is desirable.

● SANS certifications such as GREM, GCFA, GREM, GNFA, ENCE, or related are also preferred

● Experience in industry well-known as well as open-source Network and/or Host forensic tools, OSINT.