Incident Response Practitioner Jobs

Established knowledge of incident response and infrastructure

Basic knowledge of the standard methods, materials, tools, and equipment used in concrete, asphalt repair, construction, and

Two (2) years' work experience in incident response, safety, infrastructure maintenance, or related field. (Required)

Rapidly respond to traffic related incidents.

Assist law enforcement officers on managing traffic or roadway related incidents.

Maintain clean appearance of highways and medians including removal and disposal of litter and debris.

Analyze and correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.

At least 2 year experience related to Digital Forensics & Incident Response (DFIR), Security Operating Center (SOC), or LEO DF Unit.

At least 1 years' experience with technical writing, developing technical documents, and incident response reporting.

Holds an intermediate level, industry recognized, certification (GCIH/GCFE/GCFA/GNFA//GREM/CFCE/CAWFE/EnCE/CCE).

Strong experience with Unix/Linux system administration.

Strong experience with Windows system administration.

Mandatory Skills:- host forensics, mal analysis and Industrial Control Systems.

Location:- Houston, Texas (Preferred)/Washington, DC/San Ramon, CA (Hybrid 1-2 Day/week Onsite)

Job Type:- Long Term Contract

Develop SOAR playbooks, automate routine processes, create or enhance detection and response capabilities

At least 1-3 years of experience handling cybersecurity related incidents

Strong Linux fundamentals, experience operating and investigating incidents in *NIX environments

Experience with scripting languages (e.g. Python, Go and PowerShell) for automation and analysis

Excellent communication skills (verbal and written), teamwork and collaboration skills

Bachelor's degree in Cybersecurity, Computer Science, or a technical field (or equivalent work experience in related field

The ability to work independently in a remote work from home position and cross-functionally with operational leaders and IS partners.

Experience analyzing and learning new technologies and methods.

Strong knowledge of information security principles and practices.

An excellent benefits package, including health and dental insurance, paid time off and retirement plans.

Options for a variety of schedules and shifts that offer flexibility and allow for work-life balance.

Tuition benefits eligibility - UW Health invests in your professional growth by helping pay for coursework associated with career advancement.

Familiarity and experience with crisis management, disaster recovery and business availability programs and procedures.

Conduct and coordinate Information Management department (First Responder) and Organizational (Crisis Manager) preparedness exercises.

Experience and knowledge with information security frameworks, regulatory compliance and reporting bodies (HITRUST, NIST, HIPAA, DHHS, etc.).

Oversee administration of Managed Security Service Provider (MSSP) services to include Security Operations Center, Incident Assistance and Data Forensics firms.

Manages all aspects of technical security incident response to include assessment, containment and reporting.

5+ years of experience in information security incident response required.

Bachelor's degree in Computer Science, Information Systems, related technical field, or equivalent practical experience.

2 years of experience leading incident response investigations, analysis, and containment actions.

Cloud incident response or forensic experience.

Ability to communicate investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients.

Ability to travel up to 20% of the time.

Work through client-facing incident response engagements, examine cloud, endpoint, and network-based sources of evidence.

Knowledge of Information Assurance or Cyber Experience in the Telecommunications industry.

Writing technical articles for knowledge sharing.

Bachelor’s degree or four or more years of work experience.

Four or more years of relevant work experience.

Two or more years of Security Operations and/or Incident Handling experience.

Experience in a Security Operations Center (SOC) with focus on Computer Network Defense (CND).

Effective time management skills to balance time among multiple tasks and mentor junior consultants as needed

Experience leading Incident Response investigations, analysis, or containment actions

Experience with enterprise security architecture and security controls

Experience in Cloud incident response or forensic

Clear and organized verbal and written communication and collaboration skills

Remote locations: Arizona, USA; California, USA; Colorado, USA.

Prior global people management experience with a focus on career development in a high-growth, rapidly changing corporate environment.

Experience producing management dashboards and scorecards using tools like Tableau.

Experience with implementing ITIL, Incident Command, and knowledge services.

Network with Peers across Customer Engineering, Customer Success, Development and Product Management

Conducts listening sessions amongst global leaders about areas for improvement in the escalation management program

Implements effective bi-directional communication between the escalation management team and the Americas management team

Proficiency leading projects and project management experience with a focus on delivering results.

Experience managing, leading, and working with remote/distributed teams with diverse backgrounds.

Manage Security Operations Center personnel, partner relationship and supporting technologies.

Assist in ensuring the performance of key partner relationships and managed security services providers.

Required: 5-7 or more years relevant professional experience in a SOC performing IR.

Ninja-level knowledge of Windows, Linux Internals, Network Threat Identification, Cloud Security Protections.

2+ years of development experience with scripting languages such as Python and JavaScript

4+ years of progressive technical experience in a Computer Science and/or a Cybersecurity domain

Experience integrating web-services such as API and REST

Experience with UNIX/Linux, Windows, and Containerization

Knowledge of cybersecurity tools such as SIEM, IDS, EDR, etc.

Knowledge of common cybersecurity attack methods

Knowledge of traffic and real-time incident management operations (Preferred)

Prior work experience in a transportation management / traffic operations control center preferred

Participate in frequent training opportunities including induction, cross skilling, toolbox, and NIMS

Avoids legal challenges by complying with federal, state, and local legal requirements.

Occasionally assist with administrative duties at the Managers discretion.

High level of attention to detail, initiative, problem solving, personal organizational and leadership skills.

Offer support to the Digital Forensics team during investigations (as required), while embracing the opportunity to learn from highly experienced investigators

A minimum of3 years’ experience in a network/security related IT Role

Solid knowledge of both Windows and Linux based systems at an operational level

Reverse engineering skills a definite positive

SOC or NOC experience advantageous

Responsible for reviewing and monitoring client system security status on an ongoing basis

- Evaluate alert/incident response requirements from stakeholders and determine the feasibility of response goals.

- Minimum of 5 years of experience in Information Security.

- In-depth operational experience with SIEM technologies.

- Minimum 2 years' experience in the playbook and IR response development.

- Penetration Testing experience or Security Assessment consulting.

- Excellent interpersonal and Analytical Skills to work effectively as a team player.

Keeping your knowledge and skills current with the rapidly changing threat landscape.

BS in Computer Science, Information Security, or equivalent professional experience.

3+ years of demonstrated experience in areas such as incident response, systems security, network, and/or application security.

Understanding of security vulnerabilities, attacker exploit techniques, and methods for their remediation.

Experience with common security monitoring, log analysis and forensic tools.

Scripting skills (E.g: Python, Perl, Bash, PowerShell, etc.)

Knowledge of Information Assurance or Cyber Experience in the Telecommunications industry.

Writing technical articles for knowledge sharing.

Bachelor’s degree or four or more years of work experience.

Four or more years of relevant work experience.

Three or more years of experience in Incident Handling.

Experience in a Security Operations Center (SOC) with focus on Computer Network Defense (CND).

3+ years of management experience leading team.

Oversee all people-management activities for direct reports, including establishing goals and providing mentorship for team members.

Manage the IR team and MSSP personnel supporting IR functions.

Participate in developing Purple Team activities to facilitate team and individual skill improvement, as well as improve security controls.

Identify weaknesses and strengths of security controls and work with IT to improve prevention, detection, and response capabilities.

5+ years of experience in a hands-on incident response, threat hunting, or forensics role.

Minimum 3-5 years of experience as a SOC analyst

Experience with troubleshooting and configuring networking devices, application platforms, and database, Windows and UNIX system administration

Analyze network traffic, endpoint indicators, and various log sources to identify the threat, assess the potential damage, and recommend countermeasures,

Propose additional components and techniques that could be used to proactively detect malicious activity

Recommend configuration changes to improve the performance, usability, and value of threat analysis tools

Communicate with all levels of technology and operational staff, assist in creation and follow methodologies, creating clear, concise deliverables

Must possess excellent time management and administrative skills

Develop and manage customized security or operations plans in partnership with executive

Manage security, law enforcement, and medical personnel response as part of the overall security

Minimum five years experience with a federal, state, or local law enforcement agency, showing

Complete and maintain state guard certification as prescribed by presiding state law, as well as all

Tactical Operations or Executive Protection experience