Incident Response Manager

TRM Technologies, Inc.

$90K — $120K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years of incident response experience with advanced persistent threats.
  • In-depth understanding of cyber security, network fundamentals, and attack methodologies.
  • Hands-on experience with SIEM products like Splunk, ArcSight, or ELK.
  • Strong verbal and written communication skills required.
  • Degree in IT Security, Engineering or related fields preferred with relevant certifications in cyber security.

Responsibilities

  • Lead incident response engagements with support from senior management.
  • Develop and implement incident response protocols and processes.
  • Conduct advanced threat hunting to identify unknown cyber security events.
  • Create high-quality reports and presentations for leadership and stakeholders.
  • Collaborate with SOC teams to recommend security risk mitigations.
  • Research and implement new strategies in Incident Response and Threat Hunting.
  • Enhance Standard Operating Procedures for L2 & L3 analysts.

Benefits

  • Full-time permanent position with job security.
  • Opportunity to lead a geographically dispersed team.
  • Engage with cutting-edge technologies in cyber security.
  • Collaborate with cross-functional stakeholders for comprehensive impact on the organization.
Full Job Description
Location Ottawa, ON. Language English Required Duration Full-time Permanent Employment Security Clearance ctive Holder / Eligible for GC Security Clearance
Our Private Sector client, with a significant Federal Government footprint, is seeking a seasoned Incident Response Investigator to oversee highly technical incident response engagements, set the Incident Response Plans, and collaborate with cross-functional stakeholders in the application & monitoring of Incident Response processes.

This Incident Response Investigator will be responsible for developing and integrating internal tools designed to augment and automate capabilities of the Global SOC to detect, respond and mitigate cyber security threats.

The Incident Response Investigator will lead a team of geographically dispersed L2 & L3 analysts, by providing strong technical leadership and guidance.

*** Please note that this is a full-time employment opportunity (and not a contract role).***

Responsibilities include:
  • Provide technical leadership and conduct incident response engagements as required with the support of the Head of Security Monitoring and Response
  • Develop incident response protocols & processes within the Global SOC, paying particular attention to best practices and advances in technology or cyber security
  • Support advanced "Threat Hunting" for unknown cyber security events in order to find, identify and categorize advanced cyber threats
  • Produce high-quality written and verbal reports, presentations, recommendations to senior leadership & other internal stakeholders across the company
  • Partner with other SOC teams to provide mitigation recommendations to reduce the overall security risk within the organization
  • Actively research within the field of Incident Response, Forensic and Threat Hunting to develop new strategies against threats
  • Leverage recent discoveries by the Threat Intelligence community to guide hunting activities and ensure the continuous improvement and evolution of company practices
  • Review, modify and create the Standard Operating Procedures (SOPs) used by L2 & L3s
Qualifications and Experience:
  • 5+ years of incident response experience in an environment where advanced persistent threats are present.
  • Detailed understanding of cyber security and in-depth knowledge of computer networking fundamentals, modern threats and vulnerabilities, attack methodologies, threat actors and forensics methodologies and tools.
  • Hands-on experience with SEIM products such as Splunk, ArcSight, or ELK
  • Excellent spoken & written communication skills are a must.
  • Education/Certificates:
    • Degree in IT Security, Engineering or Technology related fields a major plus
    • Proven certifications in cyber security related disciplines. E.g. SANS Qualifications/Certifications
    • Certified in Incident Response and/or Forensics
  • Experience:
    • Forensics : Perform forensic collection of endpoint or network evidence with forensically sound procedures
    • Reverse Engineering : Complete both dynamic and static analysis
    • Cloud Development : Possess expertise in any of the flowing: Azure, AWS or GCP services and associated security monitoring and response
    • Log Correlation / Log Analysis : Experience perform log analysis
  • Capabilities:
    • Quality & expertise : deliver high quality reporting on technical issues identified and providing remediation guidelines
    • Critical thinking; ability to make decision with limited information
    • Teamwork : contribute to continuous improvement for the whole team
    • Action oriented; bring complex security investigation to closure
    • Quick Learner: capacity to absorb information about new technology and learn on the fly under tight timelines.

If you meet the above listed criteria and experience profile, please apply today and one of our representatives will contact you to discuss further.

We look forward to hearing from you. Thank you.

Similar Jobs

More Jobs at TRM Technologies, Inc.

More Information Technology Jobs

Find similar Incident Response Manager jobs: