IT Security Manager- Remote

Role: IT Security Manager Location: Remote Duration: Long Term Contract Responsibilities:

• Primarily responsible for the response to and recovery from emerging information security incidents, acting as the focal point leading response efforts and ensuring effective action to contain and remediate the situation
• Respond to cybersecurity incidents and perform triage to assess the severity of the incident and determine the appropriate response.
• Conduct open-source intelligence (OSINT) investigations to identify and track down malicious actors and their tactics, techniques, and procedures (TTPs).
• Participate in red team/blue team exercises to test and improve the organization's incident response capabilities.
• Collaborate with other members of the cybersecurity team to develop and implement security controls and incident response procedures.
• Provide technical guidance and support to junior incident responders as needed.
• Maintain up-to-date knowledge of the latest security threats and trends through continuous learning and professional development.
• Perform forensically sound collections of ESI from laptops, desktops, mobile devices, hard drives, servers and cloud data sources both onsite and remotely.
• Verify, extract and analyze systems, logs and malware data in support of investigations and litigation systems
• Drive efficient, repeatable, proactive, integrated, and mature cyber defense and response
• Supports the investigation of reported security breaches and, in coordination with global security operations, develop procedures to respond to security incidents and assist with investigations
• Contributes to the analysis and delivery of findings to internal customers with impactful, comparative, interpretative security analysis in a clear, consistent, and factual manner.
• Responsible for establishing communications bridges and meetings in support of response efforts
• Responsible for maintaining proper group focus during investigation activities and redirecting efforts in support of timely recovery
• Responsible for aggregating information relevant to the situation and synthesizing probable root cause
• Responsible for developing and recommending best course of action based on solid security principles
• Driving the incident response process from detection through containment and eradication.
• Accountable for documenting all and partner activity, taken in response to emerging situations
• Accountable for the day-to-day review and assessment of security events that may become or contribute to security incidents.
• Ensures work is compliant with enterprise policies, procedures and the local business plan
• Responsible for ensuring appropriate post-mortem and lessons-learned sessions are conducted, following incident restoration of service
• Responsible for organizing and taking part in cross-functional incident exercise activities, ensuring that policy and procedure are followed
• Responsible for ensuring knowledge of IT security and emerging threat scenarios is current
• Responsible for reviewing threat intelligence sources is support of security situational awareness
• Responsible for assisting in the development of vulnerability and threat related communications for potential dissemination to warn employees of an emerging situation
• Responsible for ensuring information arising from incident response activities, that would result in configuration changes or other modifications to ensure security posture, is communicated to the proper operational contacts for execution. Education:
• Bachelor's Degree in Computer Science/MIS or equivalent experience Required Skills:
• 7+ years of total experience in Information Technology
• 3+ years of professional experience in an information security function, including analyzing and applying information security risk management, and privacy practices
• 2+ years in an information security incident handling role
• Strong understanding of network protocols and security technologies, including firewalls, intrusion detection systems, and encryption.
• Experience with open-source intelligence (OSINT) tools and techniques.
• Experience with cloud and physical forensic investigations, delivering executive reports
• Knowledge of red team/blue team exercises and experience participating in such exercises.
• Technical understanding of incident response frameworks and methodologies with a focus on automation.
• Experience with Intel, SIEM, and SOAR platforms, such as, ThreatConnect/MISP, Snowflake/ Splunk, and Swimlane/DeMisto
• Expertise with commercial and open-source digital forensic toolsets such as Encase, AccessData, SIFT, Axiom Flexible working hours to support a global operation Required Interpersonal Skills
• * Experience engaging with executive level individuals during the conduct of incident response
• Excellent oral and written communication ability
• Ability to present complex technical issues and findings to diverse audiences in both technical and non-techn

Apply tot his job Apply To this Job