Cyber Security Operations Incident Commander - Remote - Georgia Tek Systems
Raritan, NJ
About the Job
Cyber Security Operations Incident Commander
Location: Raritan, NJ or Remote
Duration: 6+ months
Job description:
Responsibilities include but are not limited to:
• In this role, as an Incident commander, you will be a decision maker during a major incident
• Evaluates and ensures the resolution of technically sophisticated security issues, internal control issues, critical incidents and/or crisis resolution management
• You will focus on creating and maintaining an incident action plan
• Managing security incidents related to Pharmaceutical's 3rd party vendors and partners
• Delegating tasks within the CSOC and collecting pertinent information from various data sources to support an investigation
• Partnering with internal teams such as Digital Command Center, DBRT, Privacy and legal as part of the greater Incident response process
• Maintain knowledge of applicable Security Operations policies, regulations, and compliance documents specifically related to security
• Establish and maintain relationships with the suppliers, vendors, and partners with federal agencies along with the overall information security industry
• Provide actionable intelligence through written and verbal products to a diverse audience, including business partners, senior leaders, and security analysts
Requirements:
• A minimum of a bachelor's degree is required
• A minimum of 5 years of Information Security/ IT Risk Management/IT experience with growing technical responsibilities
• At least 3 years security operations experience is preferred
• Knowledge and understanding of cloud technologies/services (Virtual Private/Hybrid Cloud, SaaS, IaaS, PaaS, DBaaS) and the appropriate logging, controls and processes to secure them is preferred
• Experience with structured analysis techniques (Diamond Model, Cyber Kill Chain) as well as a proven understanding of the MITRE ATT&CK framework is preferred
• Experience with common operating systems, services, networking protocols, logging, attacker techniques and tools is preferred
• A solid grasp of the current threat landscape including the latest tactics, tools, and procedures, common malware variants, and effective techniques for detecting this malicious activity is required
• Superb interpersonal, verbal, and written communication skills are required
• Security certifications such as CISSP, SANS GIAC CTI, GCFA, GNFA are preferred
• Experience working with virtual, global teams - including diverse groups of people with multifaceted backgrounds and cultural experience is preferred
• Ability to obtain and maintain a security clearance is required
Source : Georgia Tek Systems