Lead Security Engineer
SUGAR LAND-77478, TX, US
11/08/2016
Required Skills
Company
Infinity Consulting Solutions, Inc
Job Description
The Computer Security Incident Response Team (CSIRT) lead is in the front line of defense against security incidents directed at the IT platforms and automated information systems (IT security incidents) of the company.
This team is the focal point for the execution of the response process and coordination of relevant parties when an information security incident occurs.
The team is also responsible for maintaining the preparedness of the company for effective response and for supporting other teams responding to incidents that have peripheral security implications.
This role reports to the Director, Security Operations. During high-impact incidents, the CSIRT lead may be required to brief senior management directly and interact with the crisis management team.
Responsibilities
IT Security Incident Preparedness
The CSIRT lead will develop, maintain or support an intelligence capability to identify current and emerging IT security risks to the organization. The CSIRT lead will:
• Act as a liaison between industry peers, government agencies (including law enforcement) and other specialists.
• Utilize commercial intelligence providers to gain insight into existing activities in the hacker and fraudster communities, as well as planned activities and emerging motivations.
• Coordinate with the security operations center, provided internally or by an external managed security services provider, to identify and assess IT security incidents.
• Advise the Information Security Steering Committee of significant emerging threats, and recommend tactical steps to counteract these threats.
The CSIRT lead will exercise or support the preparedness of various parts of the organization to respond to IT security incidents via the following activities:
• In consultation with the EMEC team, develop and deliver desktop preparedness exercises at the executive committee level, at least annually.
• Participate in industry exercises.
IT Security Incident Management
Leading the organization's response to IT security incidents, the CSIRT lead will perform the following tasks:
• Develop and maintain the IT security incident response process, including all required supporting materials.
• Develop functional requirements for roles that will be involved in the CSIRT program.
• Work with business units, IT functions and external providers to ensure that the process is mutually understood and agreed on, and that responsibilities are clear and accepted.
• Act as a liaison throughout the entire organization (including enterprise IT services, lines of business, public relations, legal counsel and customer call centers).
• Initiate the IT security incident response process, and execute decision authority to the extent of the role within that process.
• Ensure execution of the incident response process to the resolution of the incident.
• Ensure generation, maintenance and protection of required incident records, such as investigator journals.
• Organize, participate in and, if required, chair post-incident reviews for presentation to senior management.
Support
The CSIRT lead will provide specialized security support for other events that fall outside the IT security incident realm, such as fraud attempts based on electronic channels or high-impact outages due to reasons other than security.
Basic Qualifications:
• 8+ years of technology experience, including troubleshooting and performing root cause analysis of complex IT solutions
• 2+ years of experience working in IT Security Incident Response
• 1+ years of previous experience in a lead level role
• Experience working with security incident management processes and tools
Preferred Qualifications:
• A bachelor's degree (information systems, computer science, accounting, finance, business)
• Industry-specific certifications in information security, including one or more of the following: CISA, CISSP, CISM, GIAC or equivalent certification
• Strong communication skills with a proven ability to understand key concepts and communicate with technical staff, lines of business and senior management
• Proven ability to build relationships and influence individuals at all levels in a matrixed environment, as well as external vendors and service providers, to ensure that segregation and overlapping roles are identified and coordinated
• Strong organizational skills and the ability to perform in a command-and-control role under pressure, and the ability to manage multiple priorities with competing demands for resources
• Ability to consume and synthesize intelligence about actors, techniques or situations to identify emerging risk scenarios
• Strong analytical and problem-solving skills
• Proficiency in process formulation and improvement
• Knowledge of IT end-to-end problem management and root cause analysis is desirable
• Proficient in working in a fast-paced, complex, dynamic, multicultural business environment
• Knowledge of legal requirements for privacy of personal information from employees and customers
Skills Required: Yrs.
» CISA 0-1 Yrs
» CISSP 0-1 Yrs
» Data Security 8-10 Yrs
» Security Incident Response 8-10 Yrs
» Strong communication skills 8-10 Yrs
» Troubleshooting 8-10 Yrs
Third Party Applications Not Accepted
Security Architect
Information Technology
No Preference
Contract Only
Other
1
Candidate Requirements
Bachelors
Recruiter Details
Doug Klares
1350 Broadway, Suite 2205,
NEW YORK-10018, NY,
US