CYBERSECURITY INCIDENT RESPONSE
Company: Employvision Inc.
Location: New York
Posted on: October 19, 2024
Job Description:
Incident Response Team Member (CSIRT Consultant)
Consulting position.
Mid-level to senior position. The hiring manager expects the person to
come in and hit the ground running.
Minimum of 6 years in cybersecurity.
This role reports directly to the IT Security Officer.
Contract until December 2024.
Hybrid position: 3 days on site, 2 days work from home after the
candidate proves himself for the first month.
Address: NY NY 10019
The CSIRT Consultant is a technical expert role within the US
Information System Security (ISS) Team in NY, functionally aligned
to the Group's ISS CSIRT team in Head Office, France. The US ISS team
oversees and supervises Information System Security related
matters in the Americas, including incident response (CSIRT: Cyber
Security Incident Response Team) as part of the Global Follow The
Sun (FTS) model. In this role, the CSIRT Consultant will be
responsible for responding to security incidents and managing the
end-to-end Security Incident Management Lifecycle: Incident
Identification, Triage, Containment, Eradication, Recovery and
Lessons Learnt. The consultant will be the technical point of contact
who responds to and drives security incident response in the region
as part of the global FTS model.
The CSIRT Consultant has a wide spectrum of responsibilities and will
be responsible for the following activities (but not limited to) in
day-to-day work:
- Identifying and detecting incidents and taking immediate action on
  security incidents including (and not limited to) DoS attacks,
  malware attacks, phishing attacks and web attacks.
- End-to-end ownership in driving and leading Security Incident
  Response and Resolution activities.
- Participating in and supporting forensic investigations as required
  to respond to security incidents.
- Responding to security threat and intelligence alerts and
  notifications from Group CERT (Computer Emergency Response Team),
  regional regulators and authorized threat intelligence groups, and
  ensuring appropriate preventive and detective actions are
  coordinated and deployed in liaison with IT Operations teams as per
  the defined approach and in a timely manner.
- Owning end-to-end coordination, communications and deployment of
  action plans for threat advisories or lessons learnt from security
  incidents.
- Preparing a detailed incident post-mortem report and executive
  summary to document the security incident chronology, root cause,
  remediation and lessons learnt.
- Creating and updating the incident response plan (IRP) and
  playbooks, and ensuring periodic review of playbooks so that
  response actions stay relevant in the current context, including
  updated information on all stakeholders involved.
- Collaborating with other Geos' CSIRT team members on security
  matters and acting as a backup to manage security incidents and
  other security activities in scope as needed.
- Periodic review of security measures of Networks (switches, routers,
  firewalls, IPS, etc.) and Systems (Win*, *NIX, etc.) in support of
  vulnerability management.
- Supporting and integrating with incident response, threat
  intelligence, and overall security strategy as needed.
- Completing all mandatory trainings as required to attain and
  maintain competence.
- Complying with all applicable legal, regulatory and internal
  Compliance requirements, including, but not limited to, the
  Compliance manual and Compliance policies and procedures as issued
  from time to time; Financial Security requirements, including, but
  not limited to, the prevention of Financial Crime and Fraud,
  including reporting obligations to the Money Laundering Reporting
  Officer, zone wide.
- Supporting and running the annual "table-top incidents" exercise
  with management.
- Vulnerability management: ensuring the vulnerability remediation
  process is known, followed and at the expected level of performance.
- In case of a severe security incident (suspected or actual attack):
  coordinating investigation, mitigation and remediation operations
  with IT operations and application teams.
Management and Reporting:
- Reports to the IT Security Officer
Keywords: Employvision Inc., Scranton, CYBERSECURITY INCIDENT RESPONSE, Other, New York, Pennsylvania