Location: Mountain View, CA
Duration: 12 Months
· Provide backup responsibilities to SOC manager, as required.
· Lead High- and Medium-severity incidents across multiple cross-functional teams leveraging various tools/applications.
· Analyze network traffic and various log data to determine the threat/impact against the network, recommend appropriate countermeasures, and assess damage.
· Efficiently facilitate and expedite the tracking, handling, and reporting of all security events and computer incidents.
· Evaluate and perform incident escalation in accordance with incident response procedures.
· Work with other team members to ensure an effective and efficient cyber incident management system.
· Ensure all pertinent information is obtained so that identification, categorization, incident handling, and triage actions can occur in a time-sensitive environment.
· Provide effective communications to team and department cyber-security personnel regarding cyber incidents and possible countermeasures.
· Lead projects to improve the Security Operations, Incident Response, & Insider Threat program.
· Remediate security incidents and apply lessons learned from them.
· Identify poor security practices and recommend appropriate countermeasures.
· Create, update, and finalize workflows and internal documentation.
· Collect and analyze technical network activity for anomalies that could indicate potential threat issues from current and previous employees, contractors, and/or partners.
· Previous supervisor or lead experience preferred.
· Previous CIRT/SOC incident management experience required.
· Solid understanding of industry-standard policies, processes, and procedures covering incident, problem, and change management.
· Previous CIRT/NOC/SOC experience implementing and managing trouble ticket assignments and escalation policies.
· Must be able to multitask, work in a fast-paced environment, and participate in security incident remediation as needed.
Solid understanding of:
· Security threats and vulnerabilities
· Security technologies and countermeasures
· Firewall technologies
· Web system applications and uses
· TCP/IP networking concepts
· Windows and UNIX/Linux operating environments
· Database vulnerabilities and countermeasures
· Logging & SIEM solutions
· Desirable industry security certifications such as GCIH, Network+, Security+
· Top Secret (TS) Clearance preferred, but not required
· Bachelor's or associate degree in a related technical field of study, combined with sufficient relevant work experience
eTeam, Inc. - "Accelerated Hires"