Job Details

Lead Security Engineer

SUGAR LAND-77487, TX, US
01/12/2017



Required Skills

    CISA
Company

Infinity Consulting Solutions, Inc

Experience

2 to 8 Year(s)

Job Description

The Computer Security Incident Response Team (CSIRT) lead is in the front line of defense against security incidents directed at the IT platforms and automated information systems (IT security incidents) of the company.


This team is the focal point for the execution of the response process and coordination of relevant parties when an information security incident occurs.

The team is also responsible for maintaining the preparedness of the company for effective response and for supporting other teams responding to incidents that have peripheral security implications.

This role reports to the Director, Security Operations.

During high-impact incidents, the CSIRT lead may be required to brief senior management directly and interact with the crisis management team.

Responsibilities


IT Security Incident Preparedness

The CSIRT lead will develop, maintain or support an intelligence capability to identify current and emerging IT security risks to the organization.

The CSIRT lead will:

• Act as a liaison between industry peers, government agencies (including law enforcement) and other specialists.

• Utilize commercial intelligence providers to gain insight into existing activities in the hacker and fraudster communities, as well as planned activities and emerging motivations.

• Coordinate with the security operations center, provided internally or by an external managed security services provider, to identify and assess IT security incidents.

• Advise the Information Security Steering Committee of significant emerging threats, and recommend tactical steps to counteract these threats.

The CSIRT lead will exercise or support the preparedness of various parts of the organization to respond to IT security incidents via the following activities:

• In consultation with the EMEC team, develop and deliver desktop preparedness exercises at the executive committee level, at least annually.

• Participate in industry exercises.

IT Security Incident Management

Leading the organization's response to IT security incidents, the CSIRT lead will perform the following tasks:

• Develop and maintain the IT security incident response process, including all required supporting materials.

• Develop functional requirements for roles that will be involved in the CSIRT program.

• Work with business units, IT functions and external providers to ensure that the process is mutually understood and agreed on, and that responsibilities are clear and accepted.

• Act as a liaison throughout the entire organization (including enterprise IT services, lines of business, public relations, legal counsel and customer call centers).

• Initiate the IT security incident response process, and execute decision authority to the extent of the role within that process.

• Ensure execution of the incident response process to the resolution of the incident.

• Ensure generation, maintenance and protection of required incident records, such as investigator journals.

• Organize, participate in and, if required, chair post-incident reviews for presentation to senior management.

Support

The CSIRT lead will provide specialized security support for other events that fall outside the IT security incident realm, such as fraud attempts based on electronic channels or high-impact outages due to reasons other than security.

Basic Qualifications:

• 8+ years of technology experience, including troubleshooting and performing root cause analysis of complex IT solutions

• 2+ years of experience working in IT Security Incident Response

• 1+ years of previous experience in a lead level role

• Experience working with security incident management processes and tools

Preferred Qualifications:

• A bachelor's degree (information systems, computer science, accounting, finance, business)

• Industry-specific certifications in information security, including one or more of the following: CISA, CISSP, CISM, GIAC or equivalent certification

• Strong communication skills with a proven ability to understand key concepts and communicate with technical staff, lines of business and senior management

• Proven ability to build relationships and influence individuals at all levels in a matrixed environment, as well as external vendors and service providers, to ensure that segregation and overlapping roles are identified and coordinated

• Strong organizational skills and the ability to perform in a command-and-control role under pressure, and the ability to manage multiple priorities with competing demands for resources

• Ability to consume and synthesize intelligence about actors, techniques or situations to identify emerging risk scenarios

• Strong analytical and problem-solving skills

• Proficiency in process formulation and improvement

• Knowledge of IT end-to-end problem management and root cause analysis is desirable

• Proficient in working in a fast-paced, complex, dynamic, multicultural business environment

• Knowledge of legal requirements for privacy of personal information from employees and customers


Skills Required: Yrs.

» CISA 0-1 Yrs

» CISSP 0-1 Yrs

» Data Security 8-10 Yrs

» Security Incident Response 8-10 Yrs

» Strong communication skills 8-10 Yrs

» Troubleshooting 8-10 Yrs



Third Party Applications Not Accepted



Security Architect
Information Technology

No Preference
Contract To Hire
Other
1


Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY, US