Security Specialist/Info Security Specialist
Are you a versatile self-starter with demonstrated ability to take initiative and work independently with attention to detail? Then, Apply Now!
Working with one of the top financial clients, this role calls for a Security Specialist/Info Security Specialist who will be responsible for leading the cyber security operations team that carries out 24×7 on-site security monitoring operations. This candidate will be accountable for a smooth transition of cyber security operations between shifts and sites if required. The ideal candidate has solid experience of 10-15 years, has already worked on M&A projects, and has expertise in incident response, SIEM, DLP and cloud security.
- Ensure the proper handling and escalation of security events by the shift internally and/or escalate the incident to the Cyber Security Incident Response Team (CSIRT) for further investigation, treatment or support if needed.
- Ensure that the event queue in the internal ticketing system is managed in a timely and accurate manner in order to resolve a multitude of information security-related situations.
- Ensure that the intake process is followed, incidents and reports from internal customers are properly recorded, timely updated, followed up and closed as per the agreed SLA level ensuring quality and accuracy in reporting.
- Conduct post-event reviews to ensure the quality and completeness of the security investigations performed by the team.
- Ensure that standard operating procedures are followed by all team members, the operational controls are functioning, and all controls' artifacts required for audit are properly collected and maintained.
- Guide the team to identify, triage and remediate security incidents such as malware, phishing and web attacks.
- Lead various CSOC programs (e.g. Use Case Tuning, DLP, Event Management Workflows, Reporting, Automation, etc.), working with senior team members to ensure stable and secure CSOC operations. Lead efforts to continuously improve the CSOC process and people.
- Design, document and implement the alert management, response and remediation framework for security monitoring of on-premises and cloud assets.
Desired skill set:
- 10 years of experience with SIEM and UEBA solutions such as Splunk, RSA NetWitness suite, ArcSight, LogRhythm, QRadar
- 10 years of experience with Security Orchestration, Automation and Response tools (SOAR) such as Cyber Response, Demisto, Phantom, ServiceNow
- 5 years of experience in Enterprise IT operations, incident management, change management, Access/Identity Management, Security Operations, vulnerability and compliance management, ticketing system, incident ticket life cycle and SLA terms
- 2 years of solid expertise with Cloud Security Monitoring with Azure Security Center, Microsoft MCAS, and AWS.
- Strong communication, organizational and leadership skills
- Ability to work independently
- Completion of at least three of the following: GIAC (GCIA, GPEN, GWAPT, GCIH, GSEC, etc.), CCNP, CCNA, CISSP, CCSP, CISM, CISA
Nice to have:
- Understanding of Security principles, techniques and technologies such as NIST Cybersecurity Framework, SANS Top 20 Critical Security Controls and OWASP Top 10.
- Basic programming skills in various disciplines including scripting languages
BeachHead is an equal opportunity agency and employer. We advocate for you and welcome anyone regardless of race, color, religion, national origin, sex, physical or mental disability, or age.