Cyber incident response, Apps security testing, Cyber tech intelligence, Penetration testing
Full Time, C2H Corp-To-Corp, C2H Independent, C2H W2
Depends On Experience
Telecommuting not available Travel not required
REQUIREMENT IS FOR A FTE OR CONTRACT-TO-HIRE
- Manage and coordinate operational components of incident management, including detection, response and reporting.
- Manage production issues and incidents, and participate in security investigations.
- Provides second- and third-level support and analysis during and after a Cybersecurity incident.
- Acts as a liaison between incident response leads and other functional subject matter experts
- Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
- Design, coordinate and perform security testing to verify the security of systems, networks and applications, and manage the remediation of identified risks.
- Define security control requirements for the web environment and related infrastructure services to ensure that access to information, application functions, storage, networks, and data processing systems are adequately safeguarded
- Perform application security testing to identify cyber risks for applications belonging to League office and the teams
- Perform penetration testing of applications and networks
- Maintain current and establish new reporting methods of Cybersecurity intelligence analysis; deliver situational awareness and making cyber intelligence actionable.
- Automate security threat monitoring to collect and generate cyber intelligence to uncover attacks not detected with traditional signature or rule based methods.
- Administer Cybersecurity intelligence process to ensure security threat information, system log information, and sources of external intelligence are combined to provide real time response to cyber events.
- Develops Cybersecurity processes and procedures, and support service-level agreements (SLAs) to ensure that security controls are managed and maintained.
- Define executive reporting strategies and maintain metrics that effectively communicate successes and progress of the security program.
- 3-5 years of experience in the Cybersecurity area
- Possess the ability to weigh business risks and ensure compliance with appropriate Cybersecurity measures.
- Possess a high energy level and strong work ethic with a commitment to continuous improvement in a dynamic and changing environment that strives to exceed expectations.
- Experience with the tools used in Cybersecurity event analysis, incident response, and computer forensics.
- Experience in application technology security testing
- Experience in vulnerability scanning and penetration testing
- Experience with security related technologies / tools covering Cyber Threat Intelligence, Security Information Event Management, Cyber Incident Response and Application Security
- Outstanding interpersonal and communication skills
- Ability to manage multiple priorities and deal effectively with the senior management, staff members, and vendors.
- Ability to exercise discretion and use independent judgment in making decisions and work with minimal functional guidance.
- Must possess a high degree of integrity and trust along with the ability to work independently
- Excellent written and verbal communication skills
- Must have the ability to quickly master, simplify, and communicate the value proposition of complex subjects to stakeholders.
- Working experience with Linux/Unix and Windows operating systems and administrative tools
- Understanding of security controls for common platforms and devices, including Windows, Unix, Linux, and network equipment
- Knowledge of NIST 800-53, COBIT, ISO 27001/02
- Ability to travel up to 20%
Educational Background Required
Bachelor’s degree in Computer Science, Information Systems or a technically related discipline preferred
Michelle writes about cyber security as well as how to protect your data online. She has worked in internet technology for over 20 years Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. She conducts workshops focused on web technologies and enjoys public speaking along with her connected rescue mutt.