Position: 00181 Cyber Security Operations Director
City, State: NYC, New York
Country: United States
Salary: 225-275K plus 25-75K bonus
Contact Name: Steve Silvi
Email: silvi@datapathsearch.com
Phone: 203-869-3536
Description

· Cyber Security Operations Director

o Duties and tasks to be performed include, but are not limited to:

· Identify, respond to, and mitigate sophisticated threats to our Client and coordinate efforts with portfolio companies
· Conduct incident response activities, including advanced investigation (forensics, malware analysis, root cause analysis, etc.), to investigate potential intrusions and develop remediation guidance
· Perform the activities necessary for the immediate, short-term rapid resolution of incidents to minimize risk exposure and production downtime
· Maintain a professional, communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles
· Coordinate and drive efforts among multiple business units within the companies during response activities and post-mortems
· Proactively monitor the internal and external-facing environment using security capabilities
· Provide timely, comprehensive, and accurate information to our Client and portfolio company leadership in both written and verbal communications
· Proactively research and monitor security-related information sources to aid in identifying threats to our Client's and portfolio companies' networks, systems, and intellectual property
· Lead and mentor other staff members on incident response, analysis, and tools
· Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response, and provide comprehensive mitigation of threats
· Develop threat awareness and education briefings
· Maintain technical proficiency in the use of tools, techniques, and countermeasures
· Maintain professional knowledge of trends in computer and network vulnerabilities and exploits
· Responsible for the development and ongoing reporting of program metrics
· Participate in the production of cohesive technical intelligence reports
· On-call and after-hours work can be expected

Requirements

o Basic Qualifications:

· BA/BS degree in Information Technology, Information Security, Computer Science, Intelligence Analysis, Cyber Security, or another related field of study
· 10+ years of overall professional experience, with 7+ years in Cyber Security Operations
· Knowledge of cyber security terminology, tools, and concepts
· Expert technical proficiency in the following areas: network communication using TCP/IP protocols; basic system administration; malware (malware communication, installation, malware types); computer network defense operations (proxy, firewall, IDS/IPS, router/switch, open source information collection)
· Unix/Linux background and work experience
· Experience with and knowledge of cyber incidents and APT intrusion sets
· Demonstrated experience with information security tools (SIEM, FPC (full packet capture), signature development)
· Demonstrated experience with networking, system administration, architectures, and security elements
· Ability to identify and interpret logs from various servers and services such as firewalls, web servers, SQL databases, and applications

o Desired skills:

· Ability to build intrusion-related data visualizations and perform analysis (e.g., using i2 Analyst's Notebook, Maltego)
· Effective communication skills (both written and verbal)
· Demonstrated excellent customer service and teaming skills
· Experience researching and tracking APT campaigns
· Conceptual understanding of the Cyber Kill Chain, Intelligence-Driven Defense, and/or the Diamond Model of cyber threat activity
· Experience working with and managing service providers
· Malware analysis / reverse engineering experience
· Enterprise incident handling experience
· Forensic analysis experience
· Programming and scripting experience; should be comfortable with regular expressions
· Advanced proficiency in network analysis and in using network security tools
· Experience with architectures and security elements
· Proven accountable, dependable, and reliable work ethic
· SANS GIAC GCIH/GCFA, CISSP
· Experience with the following technologies:

§ Windows, Mac, Linux, AIX
§ Palo Alto Firewalls
§ Microsoft Office 365 SPE Security Suite
§ CrowdStrike Falcon or similar EDR
§ Splunk
§ Tanium
§ Nexpose and Metasploit
§ Mimecast
§ ServiceNow