Cyber D fense, Monitoring, Incident Management - APN Consulting Inc
New Yok, NY 10020
About the Job
APN Consulting has an immediate need for a direct client requirement:
Role: Cyber Defense, Monitoring, Incident Management
Location: NYC (Hybrid)
Duration: FTE/Direct Hire
Major Duties & Responsibilities:
In this role you will report to the Head of Cyber Defense, in the organization of the CISO. You will play a pivotal role in safeguarding the company's digital assets and ensuring business continuity. You will be a leading member of the Cyber Defense team for Customer. You will be responsible for managing the broader Monitoring & Incident Management activities and their various responsibilities. You will work closely with other members of the MAS Information Security Office to actively prioritize day to day operational activities, identify and respond to security risks and incidents, recommend and implement solutions, work with affected departments to address the risk, and ensure that the remedy remains in effect. You must combine hands-on experience with an understanding of theory and practice. You will also be involved with monitoring and oversight of security consultants and other supporting third parties. Your responsibilities include operational aspects of monitoring and remediating security events including working with vendors and other IT departments to address the event and escalating to senior members of the team as necessary.
Qualifications & Requirements:
Additional Qualifications:
Role: Cyber Defense, Monitoring, Incident Management
Location: NYC (Hybrid)
Duration: FTE/Direct Hire
Major Duties & Responsibilities:
In this role you will report to the Head of Cyber Defense, in the organization of the CISO. You will play a pivotal role in safeguarding the company's digital assets and ensuring business continuity. You will be a leading member of the Cyber Defense team for Customer. You will be responsible for managing the broader Monitoring & Incident Management activities and their various responsibilities. You will work closely with other members of the MAS Information Security Office to actively prioritize day to day operational activities, identify and respond to security risks and incidents, recommend and implement solutions, work with affected departments to address the risk, and ensure that the remedy remains in effect. You must combine hands-on experience with an understanding of theory and practice. You will also be involved with monitoring and oversight of security consultants and other supporting third parties. Your responsibilities include operational aspects of monitoring and remediating security events including working with vendors and other IT departments to address the event and escalating to senior members of the team as necessary.
- Operational Responsibilities
- Coordinate work across the Monitoring & Incident Management team, ensuring 24/7 incident response readiness.
- Prioritize work amongst full time staff and third party resources
- Oversee tools, technologies, and processes related to security operations, including Vulnerability Management, Data Loss Prevention, EDR/NDR/XDR
- Ensure effective reporting of security activities, reporting status, risks, issues, and escalations to senior leadership (CISO, CIO, and other senior stakeholders).
- Perform day to day administration and support of security infrastructure tools and systems, including but not limited to SIEM, IDS/IPS, Anti-Virus, Anti-Malware, DLP, and other Network or System Monitoring tools
- Manage relationship with SOC, MSSP, TPRM, and other security vendors
- Provide expertise on Security Incidents
- Recommend and implement enhancements to existing processes, focusing on automation and integration between other security tools.
- Review security logs of critical systems to identify risks, security threats, or configuration errors
- Review daily, weekly, and monthly security reports for any anomalies or issues
- Provide first level support on security issues and guidelines from end-users, developers, desktop-support specialists and system administrators
- Troubleshoot security issues and assist with security incident responses and forensic investigations
- Maintain documentation on security architecture, procedures, configurations
- Create and update Incident Response documentation, IR Playbooks, KRI\KPIs, and other related items for Senior Management
- Serve as incident commander during incident response activities
- Project based work
- Provide feedback to MAS teams to implement well engineered solutions to improve security posture
- Work with colleagues and vendors to assess different technologies and determine their impact within the Client environment
- Provide security requirements for the design, development, engineering, and implementation of hardware, networks, and applications
- Conduct lessons learned exercises and RCAs after security incidents, detection of major system vulnerabilities, and ongoing compliance violations
- Analyze threat intelligence, vulnerability and security assessments; produce vulnerability reports and work with IT teams to correct or mitigate found deficiencies
Qualifications & Requirements:
- At least 10+ years security domain related experience, preferably within a financial services firm
- 5+ years of experience in a similar position.
- Proven experience in leading security operations within a large enterprise.
- Strong understanding of cybersecurity risk management and information security standards.
- Excellent communication and leadership skills, with the ability to manage and prioritize multiple projects and initiatives.
- Educational background with BS / MS in Information Technology, Computer Science, Engineering or related area.
- Strong written and verbal communication skills. Ability to clearly articulate ideas, solutions etc.
- Strong knowledge of internet, web, application and network security platforms.
- Strong knowledge of Linux & Windows operating system and security functions
- Ability to perform and interpret vulnerability assessments
Additional Qualifications:
- Possess security certifications (CISSP, CISM, CISA, GSEC, etc.)
- Experience with project management and industry best practices
- Experience working within the Financial Services industry
- Experience in support projects and able to handle issues against defined SLA / KPI
- Clear communication & presentation skills, and the ability to articulate complex issues concisely
- Leadership, relationship-building and influencing skills to drive agendas across a number of teams
- Proven track record of effectively interacting with senior management
- Ability to work strategically and collaboratively across departments
- Excellent organizational skills with the ability to multi-task, prioritize competing demands, be versatile and action-oriented
Source : APN Consulting Inc