csirt advisor operational detection, analysis and response

csirt advisor operational detection, analysis and response Job Description Template

Our company is looking for a csirt advisor operational detection, analysis and response to join our team.

Responsibilities:

  • Build security utilities and tools for internal use that enable you and your fellow teammates to operate at high speed and broad scale;
  • Create, maintain and promote a set of CSIRT operation playbooks to effectively trigger and execute the security incident response process;
  • Review, analyze and resolve difficult and complex information security incidents;
  • Perform deep dive analysis of malicious artifacts;
  • Take responsibility for successful execution of incident response plan;
  • Identify and recommend process improvements;
  • Work with the Security Response Center analysts on incident response tickets and manage / prioritize queue assignments;
  • Design and coordinate cohesive responses to security events that involve multiple teams across the organization;
  • Provide security control enhancement recommendations based on security incident data;
  • Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities;
  • Respond to critical security incidents and lead escalation teams to close with response, containment and remediation;
  • Plan and execute annual Security Incident Response tabletop exercises;
  • Provide situational awareness on the current threat landscape and the techniques, tactics and procedures associated with specific threats;
  • Mature the Security Incident Response process to ensure it meets the needs of the global business and is adhered to;
  • Communicate and build effective relationships with people at all levels.

Requirements:

  • The ability to learn new technologies and concepts quickly;
  • Excellent problem-solving skills with the ability to diagnose and troubleshoot technical issues;
  • Strong knowledge of networking fundamentals;
  • At least 5 to 6 years of directly related experience in Information Security Threat Detection and Incident Response;
  • Excellent command of English, both written and verbal;
  • Familiarity with common protocols and services (FTP, SSH, SMB, LDAP, etc.);
  • Bachelor’s or master’s degree in Computer Science, Information Systems, or equivalent experience;
  • Customer-oriented with a strong interest in customer satisfaction;
  • Familiarity with various types and techniques of cyber-attacks;
  • Experienced with command-line interfaces;
  • Strong experience with packet analysis tools (tcpdump, Wireshark, ngrep, etc.);
  • Experience in log and event analysis and data correlation;
  • Strong experience in SIEM (Splunk, RSA).