Cyber Security Incident Response Team Lead
- Job Title: Cyber Security Incident Response Team Lead
- Location: Detroit, MI 48226
Since our start in 2009, Conexess has established itself in 3 markets, employing 150+ individuals nationwide. Operating in over 15 states, our client base ranges from Fortune 500/1000 companies to small and mid-sized companies. For the majority of the small and mid-sized companies, we are the exclusive staffing provider because of our outstanding track record.
Who We Are:
Conexess is a full-service staffing firm offering contract, contract-to-hire, and direct placements. Our recruiting capabilities extend from help desk technicians to CIOs, and we also offer project-based work.
Cyber Hunter Lead
The CSIRT (Cyber Security Incident Response Team) Lead/Threat Intel/Cyber Hunter position is a member of the Information Protection and Risk Management (IPRM) team and works closely with other members of the IPRM program to develop and implement a comprehensive approach to managing security risks. The lead works with subject matter experts drawn from other teams within IPRM to manage the response to cyber security threats and incidents.
This role is also responsible for working with other team members to respond to security incidents according to established policies and best practices. Additionally, the role is responsible for incorporating threat intelligence from multiple feeds into existing threat response processes.
Responsibilities:
- Lead investigations into information security incidents.
- Drive efforts toward containment of threats and remediation of the environment during or after an incident.
- Perform complex security investigations and root cause analyses.
- Assemble and coordinate with technical teams and third-party vendors to resolve incidents as quickly and efficiently as possible.
- Ensure that all incidents are recorded and tracked to meet audit and legal requirements where necessary.
- Coordinate ingestion of threat intelligence as it pertains to the response process and relevant attack vectors.
- Coordinate cyber hunting exercises and maintain the hunting playbook.
- Oversee direction for the SOC team and L1 response procedures.
- Build and review use cases to be incorporated into the response process for real-time alerting.
Requirements:
- Deep understanding of network protocols and troubleshooting.
- Deep understanding of server operating systems.
- Broad understanding of, and experience managing, security mitigation solutions at all layers.
- Minimum of three years of information-security-specific experience.
- Bachelor's degree in information systems or a relevant field of study.
Technical Competencies:
- Ability to analyze large data sets and unstructured data for the purpose of identifying trends and anomalies indicative of malicious activity, as well as demonstrated capability to learn and develop new techniques.
- Strong knowledge of current security threats, techniques, and the threat landscape, together with a dedicated, self-driven desire to research the current information security landscape.
- Ability to research, develop, and keep abreast of tools, techniques, and process improvements that support security detection and analysis against current and emerging threats and attack vectors.
- Ability to incorporate threat intelligence data into existing security solutions to monitor for or block current threat actors.
- Experience with cyber hunting practices/exercises using SIEM, Enterprise search tools, or other solutions.
- Excellent communication skills (verbal and written) are required.
- Excellent problem-solving and troubleshooting skills with strong attention to detail.
- Ability to interact with personnel at all levels across the organization and to comprehend business imperatives.