Provides leadership and high-level Systems Security Support managing tool cyber activity. Performs security event and incident correlation using information gathered from a variety of sources within the enterprise. Performs cyber incident triage, including determining scope, urgency, and potential impact; identifies the specific vulnerability and makes recommendations that enable expeditious remediation. Tracks and documents cyber incidents from initial detection through final resolution. Analyzes and assesses damage to the data/infrastructure as a result of cyber incidents. Performs cyber engineering trend analysis and reporting.
Minimum Education: B.S. or equivalent experience in related field
Minimum/General Experience: 8 years of related experience
Experience working with a Cybersecurity Operations Center environment desired
Experience with COTS technologies used in a Cybersecurity Engineering environment desired
IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification required
Demonstrated technical experience in:
Proficient in Windows and Linux operating systems.
Working knowledge of current COTS Cybersecurity technologies.
Working knowledge of database and operating system security.
Understanding of latest security principles, techniques, and protocols.
Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously, coordinating resources and ensuring scheduled goals are met.
Excellent verbal and written communication skills are required.
Must have experience working with various event logging systems and must be proficient in the review and analysis of security event logs.
Previous experience with Security Information and Event Monitoring (SIEM) platforms, such as ArcSight, that perform log collection, analysis, correlation, and alerting is also required.
Ability to effectively interact with various levels of senior management is necessary.
Ability to make decisions and resolve problems effectively: seek out information and data to evaluate, prioritize, and formulate the best solution or practice.
Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.