Cyberattacks have been on the rise around the globe, with hackers and other criminals targeting businesses large and small to steal valuable information or bring computer networks to a halt. Cyber Security Specialists are valued for their ability to protect an organization’s information and systems from such attacks.
This position is responsible for providing ongoing information security services to all aspects of the on-premises and cloud corporate IT environments. This position requires working across several security functions and has a strong primary focus on incident response activities.
Essential Functions / Key Areas of Responsibility
• Must be able to respond to security incidents quickly and efficiently to mitigate threats affecting the North American network and systems, and serve as a global incident responder for all regions.
• Must be able to lead the development and implementation of incident reporting and incident response processes and procedures to address security incidents and breaches, and reports of policy violations.
• Must be able to lead the Security Monitoring maturity project and engage with the vendor to drive process improvements in their service.
• Must be able to configure, deploy and monitor an Endpoint Detection & Response tool across all systems in NORAM. Develops a process for other regions to utilize this capability to reduce risk and strengthen security posture globally.
• Must be able to provide technical security requirements and recommendations on new IT and business projects.
• Responsible for working with HR and Legal to lead security activities around access management, security investigations and actions requiring data gathering and analysis.
• Responsible for defining plans to mature all Security Monitoring and Incident Response processes.
• Responsible for providing security engineering solutions and support during incidents, proactively considering the prevention of similar incidents from occurring in the future.
• Responsible for leading the Security Monitoring maturity project and leading engagement with the vendor on process improvements.
• Responsible for supporting DFARS & CMMC compliance work involving gap assessment, documentation and remediation actions.
• Security lead on ITSM implementation to define security controls and processes to protect data in the cloud.
• Responsible for being a technical lead in North America and working with IS/IT teams on topics such as e-mail security, tool configuration and deployment, system defense hardening, etc.
Minimum Requirements: Skills, Experience, Education, Technical/Specialized Knowledge, Certifications, Language
• 5-7 years of experience in cybersecurity domains.
• 3 to 5 years of experience in responding to security incidents, with the ability to document remediation steps and lessons learned.
• Bachelor’s degree (or equivalent experience) in computer information systems, programming, engineering or a related field with a minimum 3 years of experience in information security delivering security programs and providing security services.
• Strong knowledge of core IT and security infrastructures including Active Directory, Microsoft Windows security controls, SIEM, AV, IPS, vulnerability scanners, etc.
• Must be able to work with minimal direction in an office without any team members in the same location.
• Strong communication, negotiation and analytical skills.
• Strong knowledge of all aspects of information security within the Prevent, Detect and Respond domains.
• Must be highly analytical and detail-oriented, with organizational skills to manage assigned work to completion.
Preferred attributes for the position, which are not required in the minimum qualifications (e.g., master's degree)
• CISSP preferred, but not required.
• Familiarity with risk assessment, desktop security, and tools and techniques used to provide security controls.