Skip to content

This website works best using cookies which are currently disabled.Cookie policy  Allow cookies
JobServe
 

Job Application

 
 
 

Please answer the following questions in order to process your application.

 
 
Email Address *
 
I certify that I am a U.S. citizen, permanent resident, or a foreign national with authorization to work in the United States. *
 
 
 
File Attachments:
(2MB file maximum. doc, docx, pdf, rtf or txt files only)
 
Attach a Resume * 
 
Optional covering letter 
OR
Clear covering letter
 
 
 * denotes required field
 
 
 
Additional Information:
 
First Name
 
Last Name
 
Address
 
Country
 
Home Telephone
 
Mobile/Cell
 
Availability/Notice
 
Salary Expectation USD
 
Approximately how far are you willing to travel to work (in miles) ?
 
 
 

Key Privacy Information

When you apply for a job, JobServe will collect the information you provide in the application and disclose it to the advertiser of the job.

If the advertiser wishes to contact you they have agreed to use your information following data protection law.

JobServe will keep a copy of the application for 90 days.

More information about our Privacy Policy.

 
 

Job Details

 

Incident Response Handling Manager (Full Time)

Location: Northbrook Illinois Country: United States of America Rate: 145K + Bonus
 

Fusion Center Incident Handling Manager

Looking for a candidate to manage over Incident handling, incident response and forensic teams.

The individual in this role will manage the Fusion Center incident handling, incident response, and forensics teams by way of mentoring, capacity management, performance management, and incident review.

Key Responsibilities

Provide day-to-day oversight for incident handling, incident response, and forensic teams.
Review all incidents and participate in all shift turnover meetings.
Lead weekly incident review meetings with L2 and L3 incident handlers.
Manage relationship with MSSP vendor and ensure that SLAs are being met.
Maintain and enhance team training and career advancement plans.
Must be able to manage multiple priorities and projects at once.
Responsible for overall ownership of all incident handling, incident response, and forensics playbooks, procedures, and workflows.
Participate in weekly IH/IR and SIEM engineering calls to drive down false positives of SIEM content.
Serve as a subject matter expert as it pertains to the incident handling and incident response processes.
Possess a proactive mindset of always improving existing processes.
Develop and enhance team onboarding procedures.

Qualifications

The ideal candidate will have 10+ years incident handling and incident response experience. They should have technical knowledge of network security, operating system security, vulnerability management, common attacker techniques and exploits, encryption, and SIEM. They should know how to lead investigations and direct incident handlers and question the investigative process being followed. They should have experience in writing both technical incident investigation reports as well as reports for senior leadership. They must be able to manage multiple initiatives at once in addition to day-to-day operations. They should have experience in managing teams of 8 or more people and providing mentorship.

In addition, the ideal candidate must have the following knowledge/experience:
Advanced incident investigation and response experience
Advanced log parsing and analysis skill sets
Advanced knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
Moderate knowledge of Windows, Unix/Linux, and Mac operating systems
Moderate knowledge of SIEM technologies and use case design
Moderate knowledge of malware operations and indicators
Moderate knowledge of network defenses such as Firewalls, IDS/IPS, Packet Capture, Proxies
Moderate experience with Scripting
Moderate knowledge of forensic techniques
Moderate knowledge of audit requirements (PCI, HIPPA, SOX, etc.)

Security Certifications Preferred (Including but not limited to the following):
Certified Information Systems Security Professional (CISSP)
Certified Incident Handler (GCIH)
Certified Intrusion Analyst (GIAC)
Certified Ethical hacker (CEH)
Certified Expert penetration tester (CEPT)
Networking Certifications (CCNA, etc.)


Posted Date: 20 Sep 2019 Reference: JSROBYNINCIDNENN Employment Agency: Request Technology - Robyn Honquest Contact: Robyn Honquest