Associate Manager - IT Security
- The IT Security Manager will protect data and information by providing timely response to cyber security threats, incidents, and requests for investigation, using industry-leading tools and practices.
- This leader will focus on Security Orchestration, Automation and Response (SOAR) tooling to create alert content, data enrichment, playbooks, runbooks, and process improvements that streamline investigations and provide accurate, consistent documentation of and response to security events.
- The leader will continuously train junior analysts, and develop training material for them, so that they stay apprised of emerging technologies, threats, attacks, and countermeasures.
Job Description :
- Monitor and triage information security events, create detection logic to identify and respond to them, and track them in a case management system
- Identify, implement, and track necessary tuning of signatures and alerts
- Independently investigate, respond to, escalate, and document findings for cybersecurity incidents; support and mentor more junior analysts
- Create processes to review and provide quality control validation for cybersecurity cases, incidents, tasks, and countermeasures
- Work with various teams and stakeholders to mitigate cybersecurity incidents
- Create, update and follow documented processes and runbooks
- Work with the Threat Intelligence team to identify areas for targeted threat hunts, create automated responses, and participate in threat hunting exercises
- Create, lead, and participate in department training exercises (tabletop, blue team and purple team exercises, etc.)
- Configure and manage cyber security instrumentation, create automated processes, and identify and develop alert logic to monitor and respond to security events
- Participate in an on-call pager rotation for responding to high-urgency alerts
Detailed Responsibilities :
- Analyze application, system, and security logs from any log source
- Document forensic investigation and research findings
- Demonstrate clear written and verbal communication
- Work well independently without in-person supervision
- Collaborate with team members across separate geographic locations
- Work well under pressure of cybersecurity incidents
- Build relationships with individuals across the organization
- Read and write scripts in Python, JavaScript, Splunk SPL, regular expressions, PowerShell, Perl, etc.
Required Knowledge :
- Cyber security best practices and trends
- Cyber security incident response lifecycle and methods
- Cyber security risks and controls
- Networking and the TCP/IP protocol suite
- Windows and Linux operating systems
- Cybersecurity architectures and methodologies (defense in depth, the Cyber Kill Chain, NIST, OWASP, etc.)
- Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs)
The Successful Applicant :
- 6-8 years of relevant experience in cyber security role
- Bachelor's degree in a technical field (cybersecurity, information technology, computer science, computer engineering, etc. )
- Experience in the banking or financial industry
- Experience using Security Orchestration, Automation and Response (SOAR) technologies, preferably QRadar
Preferred Certifications :
- Certified Information Systems Security Professional (CISSP) or Associate of (ISC)²
- Certified Cloud Security Professional (CCSP)
- Systems Security Certified Practitioner (SSCP)
- GIAC Security Essentials (GSEC)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Enterprise Defender (GCED)
- GIAC Continuous Monitoring Certification (GMON)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Advanced Network Forensics (GNFA)
- CompTIA Security+
- CompTIA Advanced Security Practitioner (CASP+)
- Certified Ethical Hacker (CEH) or Computer Security Incident Handler (CSIH)
- EnCase Certified Examiner (EnCE)
- AccessData Certified Examiner (ACE)
- AWS Certified Cloud Practitioner
- AWS Certified Solutions Architect (Associate)
- AWS Certified Security (Specialty)
- Fortinet Cybersecurity Certification