Skip to content

 

Charlotte North Carolina - 140-165K + Bonus Full Time Posted: Monday, 11 November 2019
 
 
Applicants must be eligible to work in the specified location

Prestigious Fortune 500 Company is currently seeking a Global Sr. Manager of Incident Response and Handling. Candidate will manage the incident handling, incident response, and forensics teams by way of mentoring, capacity management, performance management, and incident review. Candidate will partner with other Security areas and the larger information security program to assist in incident investigation, collaboration, and communication.

Responsibilities:

Provide day-to-day oversight for incident handling, incident response, and forensic teams.
Review all incidents and participate in all shift turnover meetings.
Lead weekly incident review meetings with L2 and L3 incident handlers.
Manage relationship with MSSP vendor and ensure that SLAs are being met.
Maintain and enhance team training and career advancement plans.
Must be able to manage multiple priorities and projects at once.
Responsible for overall ownership of all incident handling, incident response, and forensics playbooks, procedures, and workflows.
Participate in weekly IH/IR and SIEM engineering calls to drive down false positives of SIEM content.
Serve as a subject matter expert as it pertains to the incident handling and incident response processes.
Possess a proactive mindset of always improving existing processes.
Develop and enhance team onboarding procedures.

Qualifications:

Candidate will have 10+ years incident handling and incident response experience, and have technical knowledge of network security, operating system security, vulnerability management, common attacker techniques and exploits, encryption, and SIEM. Candidate should know how to lead investigations and direct incident handlers and question the investigative process being followed. Candidate should have experience in writing both technical incident investigation reports as well as reports for senior leadership, and must be able to manage multiple initiatives at once in addition to day-to-day operations.

Advanced incident investigation and response experience
Advanced log parsing and analysis skill sets
Advanced knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
Moderate knowledge of Windows, Unix/Linux, and Mac operating systems
Moderate knowledge of SIEM technologies and use case design
Moderate knowledge of malware operations and indicators
Moderate knowledge of network defenses such as Firewalls, IDS/IPS, Packet Capture, Proxies
Moderate experience with Scripting
Moderate knowledge of forensic techniques
Moderate knowledge of audit requirements (PCI, HIPPA, SOX, etc.)

Security Certifications Preferred:

Certified Information Systems Security Professional (CISSP)
Certified Incident Handler (GCIH)
Certified Intrusion Analyst (GIAC)
Certified Ethical hacker (CEH)
Certified Expert penetration tester (CEPT)
Networking Certifications (CCNA, etc.)
Platform Certifications (Microsoft, Linux, Solaris, etc.)


Charlotte North Carolina, United States of America
IT
Executive
140-165K + Bonus
Craig Johnson 
JSCJ-SRINCIDENTMAN
11/11/2019 2:21:48 PM

About Request Technology - Craig Johnson
You may be just a keystroke away from fulfilling yourREQUEST for success...REQUEST is an executive search firm specializing in recruiting Information technology professionals for organizations in the...

We strongly recommend that you should never provide your bank account details to an advertiser during the job application process. Should you receive a request of this nature please contact support giving the advertiser's name and job reference.