Duties and Essential Role Functions:
- Manage a team of analysts whose primary mission is to proactively prevent incidents and to ensure quality and adherence to client SLAs.
- Help employees realize their potential by setting clear expectations, openly evaluating performance, upholding accountability, and providing challenges (within and outside their team) to stretch employees' skills.
- Develop training plans for analysts that cover effective communication, technical skills and response abilities.
- Align the team's goals and plans with the company's long-term priorities and strategy.
- Work with other teams to identify shared goals and partners to achieve those goals efficiently.
- Manage project goals, plans and risks, and hold the team accountable for achieving agreed goals.
- Mentor analysts throughout their development.
- Provide oversight of analysis activities and direct the activities of the team to ensure effective resolution.
- Should a security incident occur, efficiently orchestrate analysts and/or escalation to respond.
- Contribute to the development of Attack Analysis standard operating procedures to ensure that they stay current and effective
- Deliver assessments to senior leadership and recommend course of action to be undertaken
- Manage and improve information security documentation as required
- Help analyze findings in investigative matters, and develop fact-based reports of events over a period of time.
- This role will have supervisory responsibilities. As such, the individual must have a minimum of five years' experience in the area of people management.
- 7+ years' Cyber Security Incident Response, Security Operations Center and/or Attack Analysis experience in a large, mission-critical environment, with a background in the following:
  - In-depth knowledge of network intrusion methods, network containment and segregation techniques
  - In-depth knowledge of operating systems (Windows & UNIX; Mac OS X a plus)
  - Expert understanding of TCP/IP networking, routing protocols and full packet capture analysis
  - In-depth network security expertise including firewall, IDS and IPS
  - Experience building baselines of network activity for use in anomaly detection
  - Experience with proactive threat hunting techniques and concepts in an enterprise environment
  - Experience with reviewing raw log files, data correlation, and analysis (e.g. firewall, network flow, IDS, system logs)
  - Knowledge of enterprise systems and infrastructure
  - Proven understanding of log parsing and analysis at large scale with data clustering tools or techniques
  - Experience with a scripting language such as Perl, Ruby, Python, or BASH
- Bachelor's Degree in Computer Science or related field
- Master's Degree in Engineering, Business Management, or Technology-related fields a major plus