Job Description:
- Oversee the everyday functions of a proactive Cyber Defense Center, ensuring all objectives related to service levels are consistently met.
- Handle cybersecurity incidents, undertake containment measures, and execute thorough forensic inquiries.
- Facilitate collaboration with multiple internal divisions for cohesive response to cybersecurity issues.
- Evaluate shortcomings revealed by security breaches and suggest enhancements to safeguard measures.
- Craft, refine, and uphold procedures and guidelines for handling incidents.
- Implement and innovate scenarios for threat detection in Security Information and Event Management systems.
- Examine logs and security event information to initiate advanced threat hunting activities.
- Pursue ongoing education on emerging cyber threats and system vulnerabilities to heighten the team's response efficiency and skills.
- Provide support in simulated cyber attack drills and penetration testing engagements.
Experience/Qualifications
- Undergraduate degree in Cybersecurity, Computer Science, or a similar field, or an equivalent blend of education and relevant professional experience.
- A minimum of three years' proven track record in managing Security Operations and reacting to cybersecurity incidents.
- Skilled in utilizing SIEM tools like Splunk or ELK for data analysis and security insights.
- Proficient in both offensive and defensive cyber tactics, preferably with knowledge of the MITRE ATT&CK framework or comparable methodologies.
- Solid grounding in cybersecurity tools and solutions including, but not limited to, intrusion detection and prevention systems, Web Application Firewalls (WAFs), and Endpoint Detection and Response (EDR) platforms.
- Good understanding of network protocols, diverse operating systems, and foundational cybersecurity concepts and technologies.
- Certifications such as CISSP, CISM, GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User, or similar credentials will be a distinct asset.
- Additional security certifications from esteemed organizations will be valued.
- Background in using forensic software and analyzing malware is a bonus.
- Familiarity with cloud platforms like AWS and GCP is beneficial.
- Competent in working within a structured, process-oriented global enterprise.
- Exceptional communication skills, both in writing and speech, primarily in English.