Senior Incident Response Engineer

PC Connection

McLean, VA

Posted 263 days ago

Description

Connection Services has a fantastic opportunity through our technical staffing division in McLean, VA. We are looking for an Incident Response Subject Matter Expert. This is a contract opportunity with immediate start.

Job Details:

  • Formalize the Security Incident Response Team (SIRT)
  • Develop a formal, strategic program plan for the SIRT and detail goals and objectives to align to mission
  • Define Incident Response Roles and Responsibilities
  • Develop and implement security logging policy for all assets
    • Define security event and log management policy
      • Policy should govern storage, handling, and monitoring of logs
      • Requirements for event logging
      • Leverage new log management platform -- Sumo Logic -- a security analytics capability
      • Logging standards for assets based on security categorization assignment
      • Define procedures to review relevant security log events
  • Create well-defined incident categories and associated severity labels for the identification of security incidents
  • Develop and implement an IR escalation matrix
  • Assist Information Security Team in running a tabletop exercise, developing an executive tabletop exercise
  • Develop an incident response communication plan, incident response metrics, incident response playbooks, and use cases
  • Expand team's use of a dedicated IR case management system
  • Formalize threat intelligence function
  • Implement performance metrics to measure the effectiveness of the information security program
  • Logging standards and logging hygiene of their current environment.
  • Assist the team in identifying and implementing a centralized repository to collect, annotate, and share threat intelligence and indicators of compromise (IOCs) into a knowledge base
    • Develop procedures to regularly review IOCs

Requirements

  • Solid experience working in an IR Environment.