Job Summary: Information Security Engineer III
This role is part of the Client's Global Information Security team. This team is responsible for developing and implementing the client's corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. Key information security functions and activities include: architecture and design of client information security controls; developing and enforcing policies and standards; security awareness training; risk management, assessment, and testing; monitoring and metrics; incident management; and threat and vulnerability management.
The Information Security Engineer III shall be responsible for the day-to-day activities required to respond to both routine and high-severity incidents. The Information Security Engineer III shall work collaboratively with incident responders, key incident management team members, management, and other stakeholders to ensure that security incidents are contained, eradicated, and remediated, and that an after-action review is held according to corporate policy. The Information Security Engineer III is expected to contribute to weekly status calls, to be on call (which includes working off-hours and weekends), and to respond to ad-hoc requests as part of this position. The Information Security Engineer III will work with stakeholders and team members to help improve incident response processes so that they are aligned with the mission of the Office of the CISO.
Key Responsibilities
- As an active member of the team, monitor and process responses to security events on a 24x7 basis.
- Lead post-incident postmortem exercises, with a focus on identifying deficiencies that require additional attention.
- Triage, respond to, and escalate security incidents.
- Provide or facilitate forensic analysis of security events.
- Leverage automation and orchestration solutions to automate repetitive tasks.
- Work alongside other security team members to hunt for and identify security issues originating from the network, including third-party relationships.
- Evaluate SOC policies and procedures/playbooks and recommend updates to management as appropriate.
- Coordinate incident response activities across multiple independently managed environments and security teams.
- Leverage knowledge in multiple security disciplines, such as Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, public cloud, and networking, to offer global solutions for a complex heterogeneous environment.
- Utilize multiple security/threat intelligence tools and resources to understand threats.
- Analyze and respond to minor and major incidents, including reported spam and phishing e-mails.
- Partner with the detection engineering team to improve tool usage and workflow, and with the advanced threats and assessment team to mature monitoring and response capabilities.
- Provide leadership in process improvement and automation of incident response activities.
- Support 24/7 operations.
- Perform other duties as assigned.
Requirements
- Strong knowledge of networks, backend systems, operating systems, applications, and web services, sufficient to understand how they interact as it relates to security and services.
- 5+ years as a senior incident responder or incident response lead.
- Ability to apply analytical expertise and critical thinking to security incidents.
- Ability to assimilate, understand, and utilize various security technologies.
- Ability to collaborate within a geographically distributed team of incident response analysts.
- Demonstrated team or functional leadership experience.
- Experience processing and analyzing intelligence in support of management decision making.
- Current information security-related certification preferred.
- Current public cloud-related certification preferred.
- Knowledge of relevant information security and incident response frameworks, such as the NIST Cybersecurity Framework and MITRE ATT&CK.
- Strong communication skills and ability to work in a collaborative atmosphere.
- Strong attention to detail.
- Ability to deal with ambiguity and translate high-level objectives into detailed tasks.
- Ability to prioritize work across multiple simultaneous assignments.
- Ability and willingness to learn new tools and processes.
- Experience documenting business processes or technical procedures preferred.