Cyber Security/Lead Investigator

03 Aug 2024
Michigan, USA

Vacancy expired!

Job Description

  • Title: Lead Investigator/Cyber Security Consultant
  • Location: Northville, MI
  • Duration: Long term

Note: Candidates can work remotely (WFH) during the pandemic and onsite once it is settled.

Lead Investigator/Cyber Security Consultant

Summary

The Lead Investigator (LI) is responsible for designing, transitioning and maintaining the day-to-day operations of the CSIRT (Computer Security Incident Response Team) function. The LI will be responsible for cross-functional interaction with all stakeholders while owning and driving the overall deliverables of the CSIRT function.

High level Scope Expected by Client

  • Design, transition and maintain operations of the Group CSIRT (Computer Security Incident Response Team)
  • Conduct incident handling and response efforts: classifying, escalating and remediating incidents
  • Coordinate the technical response and investigation efforts with regional investigators
  • Advise regional investigators on containment and on rapid system and service recovery
  • Adjust and implement triage protocols and update the Incident Response Plan
  • Handle the various security tools available at the client site, including vulnerability management and SIEM, to analyze indicators of compromise
  • Build strategy with stakeholders in line with the incident response area
  • Improve the current process of incident response operations
  • Provide training and coaching for the CSIRT team

<Incident Handling>

  • Incident Reporting
      • Notify CSIRT members and/or appropriate personnel, and regularly update the cyber security incident status
      • Assign an incident number and document the investigation process
  • Incident Classification
      • Determine and assign severity levels
      • Monitor and review the incident status to determine whether the incident should be reclassified
  • Incident Resolution
      • Conduct analysis of security incidents and perform root cause analysis
      • Assist with containment of threats and remediation of the environment during or after security incidents
      • Create the final report with lessons learned
  • Post-incident Reflection
      • Analyze the cause of incidents and support countermeasure planning
      • Initiate follow-up actions to reduce the likelihood of recurrence, as appropriate

<Proactive and preventive Measure>

  • Security Incident Trend Analysis
      • Investigate new security vulnerabilities and threats and the proper response
      • Suggest countermeasures for Kaizen activities
  • Incident Response Plan Improvement
      • Test and update the Incident Response Plan periodically

Report and Documentation

  • Document and record decisions, actions and procedures pertaining to the Incident Response Plan
  • Information Dissemination
      • Disseminate security incident trend information from the Japan CSIRT and external sources
      • Work with stakeholders in the group to assess and apply countermeasures

Qualifications

  • BA/BS degree or higher in International Relations, Security Studies, Intelligence Studies, Cyber Security, Computer Science, or related field
  • CISSP certification is a plus.
  • 10+ years of experience in the field of Cyber Security, preferably with a Fortune 500 company.
  • 4+ years of experience in managing CSIRT & SOC operations for an organization.
  • 3+ years of experience leading high-functioning teams
  • Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources
  • Proficient in Incident Management and Response
  • In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
  • Experience in threat management
  • Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix
  • Knowledge of applications, databases, middleware to address security threats against the same.
  • Proficient in preparation of reports, dashboards and documentation
  • Excellent communication and leadership skills
  • Experience in performing vendor management
  • Ability to handle high pressure situations with key stakeholders
  • Good analytical, problem-solving and interpersonal skills
  • Working knowledge of and experience with MS Office, with proficiency in Excel
  • Experience with cyber, incident response and digital forensics, security engineering, security operations, computer network operations, information operations, information warfare, or topical cyber

If interested, please respond with your updated resume to Jay.sankar (at) comtecinfo.com or reach me directly at 972-666-5061.

Additional Information

All your information will be kept confidential according to EEO guidelines.

Job Details

  • ID
    JC4471804
  • State
  • City
  • Job type
    Contract
  • Salary
    N/A
  • Hiring Company
    comtecinfo
  • Date
    2020-07-30
  • Deadline
    2020-09-28
  • Category
