All roles

Senior Cyber Security Incident Responder

Remote · USA Full-time New today

About the position arenaflex's offered Cyber Security Incident Response Team (CSIRT) service will constitute of a designated CSIRT Lead Responder as a full-time resource, who will work as a contact and communications point between arenaflex's security services team and Customer's security and IT staff as well as users and other important stakeholders. The CSIRT Lead Responder will also be responsible for operate the incident management process in accordance with the procedures designed in cooperation with Customer. The CSIRT Lead will be an expert in the field of security incident response with strong leadership and organization skills. Successful candidates typically experience with strong focus on Incident Response as well as technical Certifications to reinforce their practical experience. The CSIRT Lead has strong coordination, communication and collaborations skills as well as a good technical and architectural understanding. On a day-to-day basis the CSIRT Lead will assist with identification and response to incidents as well as proactively propose improvements for how to reduce risk and potential future incidents. The CSIRT Lead will be expected to be the Incident Commander for any P1 incidents or those that require complex coordination and frequent reporting / updates.

Responsibilities

  • Work with senior management to develop and maintain CSIRT process and practice documents
  • Lead CSIRT service transition and serve as a trusted advisor to manage customer expectations
  • Establish and maintain effective communication relationships with clients
  • Review incident response activities and documentation efforts of the support team and provide feedback as necessary
  • Provide or arrange for necessary training for the support team on CSIRT methods and/or security tooling used in the client environment
  • Receive and monitor incident information from arenaflex managed security services and other sources
  • Oversee creation of Threat Intel Reports for security threats that might impact the client environment or have interest to the client
  • Review the collected incident data and confirm or reject incidents based on the analysis
  • Classify and prioritize incidents based on established criteria
  • Facilitate communication between stakeholders of the status of the incidents with weekly and/or monthly meetings and reports
  • Coordinate at least annual Table Top Exercises for the team and client security team training needs
  • Coordinate the containment effort based on the available information and established processes
  • Make containment decisions and facilitate decision making by other parties using established escalation process
  • Communicate with the affected users and stakeholders to organize the containment effort
  • Verify the effectiveness of containment actions taken
  • Identify the attack vector of used by incident and confirm take actions to confirm that similar incidents are prevented in the future
  • Validate the effectiveness of the eradication actions
  • Coordinate forensics and law enforcement activities with officials if necessary
  • Coordinate the recovery actions; confirm that the recovery effort was successful; and confirm that all temporary containment efforts have been removed
  • Update stakeholders on the status of the recovery effort
  • Conduct a root cause analysis for Critical or High incidents
  • Communicate the results of the root cause analysis to Customer and stakeholders to prevent similar incidents in the future
  • Analyze the incident response effort, with feedback from Customer and third parties
  • Identify and analyze any mistakes as well as good decisions done during response process
  • Use the results of the analysis as an input for improvements, such as incident response process changes or changes in security monitoring Requirements
  • Bachelor's degree or four or more years of work experience
  • Four or more years of relevant work experience in a cybersecurity capacity, responding to cybersecurity incidents, triaging, and/or investigating cybersecurity incidents Nice-to-haves
  • Bachelor's degree or Master's degree in Computer Science, Cyber Security or related technical or business field
  • Strong background in CSIRT and SIEM technologies
  • Splunk experience and certification
  • Proven background using various EDR tools like Carbon Black, Crowdstrike or Tanium
  • Strong communication skills and ability to engage with customers at both technical and executive levels
  • Clear and concise written and oral communication, including the ability to produce professional-level documentation
  • Strong problem-solving and security analytics skills; able to identify gaps in processes and recommend improvements for mitigation
  • Strong leadership skills and a proactive approach to customer issues with background leading a remote team
  • Ability to excel in high pressure environments
  • SANS or other Security Certifications, such as GCIA, GCIH, GCFE, GREM, GPEN, CEH
  • CISSP Certification
  • CISM Certification
  • ITIL Foundations training / Certification
  • Significant experience with how to structure and operate an efficient Incident Response process
  • Knowledge of common types of malware, their infection vectors, how to identify them using network and host based tools, how to eradicate them and verify the success of eradication efforts
  • Knowledge of current security threats and vulnerabilities, how to detect and mitigate them, ability to understand their possible consequences on the customer's environment
  • Understanding of modern technologies used to detect malware and vulnerabilities and protect assets
  • Understanding of modern network and cloud technologies Benefits
  • Medical, dental, vision insurance
  • Short and long term disability
  • Basic life insurance, supplemental life insurance, AD&D insurance
  • Identity theft protection
  • Pet insurance
  • Group home & auto insurance
  • Matched 401(k) savings plan
  • Stock incentive programs
  • Up to 8 company paid holidays per year
  • Up to 6 personal days per year
  • Parental leave
  • Adoption assistance
  • Tuition assistance
  • Premium pay such as overtime, shift differential, holiday pay, allowances
  • Up to 15 days of vacation per year, which grows with additional service Apply tot his job

Apply tot his job Apply To this Job

Apply

Related roles

Incident Response Consultant (Remote, GBR)

Remote · USA Full-time

Cyber Incident Response & Management Co-Lead

Remote · USA Full-time

CyberSecurity Defense Operations Analyst

Remote · USA Full-time

Sr Cybersecurity Threat Researcher

Remote · USA Full-time

Security Researcher, Malware Triage; Remote

Remote · USA Full-time

Trauma Registry Compliance Analyst

Remote · USA Full-time

Part Time Remote Data Entry Clerk for Exceptional Customer Service and Technical Support Experience

Remote · USA Full-time

Experienced Data Entry Clerk – Full Time/Part Time Opportunity with arenaflex

Remote · USA Full-time

Data Entry Clerk - Work From Home - %100 Remote

Remote · USA Full-time

High Paying arenaflex Remote Data Entry Jobs for Teens and Young Adults Seeking Flexible and Rewarding Career Opportunities

Remote · USA Full-time

Experienced Customer Care Professional – Data Entry (Remote) $25/Hour – arenaflex

Remote · USA Full-time

Customer Service Representative (Remote)

Remote · USA Full-time

Test Automation Engineer (Contract)

Remote · USA Full-time

Sales Development Team Lead, Inbound (Remote)

Remote · USA Full-time

[Remote-Position] Full-Time, Short-Term Educational Programming

Remote · USA Full-time

Billing Service Specialist

Remote · USA Full-time

Mortgage Loan Processor (Wholesale Experience Required) – Remote

Remote · USA Full-time

Online Order Filling Team Associate

Remote · USA Full-time

Experienced Full Stack Customer Success Advocate – Remote Live Chat Support Specialist

Remote · USA Full-time

Experienced Customer Experience Chatroom Operator – Remote Conversion Improvement Team

Remote · USA Full-time