The candidate applies subject matter expertise in Incident Response and Event Management and service-oriented architecture, with the ability to tune, configure and automate a variety of security-related controls. The candidate is responsible for performing ongoing maintenance, including ensuring that devices comply with enterprise security policies.
Serve as a technical lead for tasks, including enterprise security prevention, detection, and response capabilities. You’ll be conducting event detection, incident triage, incident handling, and remediation. Handle major high-impact incidents, generate clear, concise recommendations, and coordinate activities and professional communications across a range of stakeholders. Work closely with other security teams to develop, tune, automate, and enhance network- and host-based security devices. Support the incident response flyaway team in managing the response to client cyber intrusions, including performing extensive network and host triage, maintaining strict chain-of-custody, developing documentation and reports, and performing remediation, as required.