Remote Sr. Security Incident Response

Exciting Remote Sr. Security Incident Response, contract opportunity.

Requirements

• 4 plus years experience in incident response, intrusion analysis and/or intrusion detection
• Provide support in the detection, response, mitigation, and reporting of cyber threats affecting client networks
• Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations
• Produce reports and briefs to provide an accurate depiction of the current threat landscape and associated risk.
• Facilitate the customer's posturing itself to aggressively investigate cyber activity targeting customer information and its information infrastructure
• Utilize various security tools to identify potential incidents, network intrusions, and malware events
• Track investigations in Help Desk systems
• Utilization of SIEM tool to respond to incidents detected
• Reviewing and analyzing log files to report any unusual or suspect activities
• Utilize incident response use-case workflows to follow established and repeatable processes for triaging and escalating
• Generating trouble tickets and performing initial validation and triage to determine whether incidents are security events.
• Provides operations for persistent monitoring on a 24/7 basis of all designated networks, enclaves, and systems. Interprets, analyzes, and reports all events and anomalies in accordance with Computer Network directives, including initiating, responding, and reporting discovered events.
• Coordinates and distributes directives, vulnerability, and threat advisories to identified consumers.
• Provides daily summary reports of network events and activities and delivers metric reports.