You will be part of the HIA IT Security and Compliance team, with a primary role to minimize the impact of active cyber security incidents through innovative approaches to incident response and to minimize the probability of security incidents by proactively improving the ability to prevent, detect, disrupt, investigate, respond to, and recover from cyber risk events.
You will perform on-the-ground investigations and collection of threat information. This includes preparing to effectively handle cyber security incidents, responding to incidents, developing response plans, automating playbooks and conducting exercises to test response plans.
Key accountabilities include:
Lead internal Cyber Security incident response to understand, mitigate and remediate threats and risks impacting HIA IT.
Identify security risks and exposures, determine the causes of security violations, and design and implement procedures to prevent and mitigate future incidents.
Perform complex incident response technical analysis and arrive at technical conclusions based on analysis of evidence; review analysis and conclusions of other team members and recommend course of action for containment strategy of active threats.
Set standards for the documentation of activities during an incident, creation of security incident reports, and for conducting post-incident reviews.
Drive continuous improvement through active collaboration with threat simulation, vulnerability management, and technical architecture.
Spearhead the development of innovative approaches to detect, respond to, and eradicate advanced threats; improve overall time to respond and eliminate threats.
Efficiently consume threat intelligence and convert threat intelligence into actionable rules and alerts.
Develop comprehensive Incident Response playbooks for different use cases & technology stacks.
Contribute to meeting established Security & Compliance KPIs and support the team on other Security activities and initiatives.
Understand & analyze Red Team active exploitation techniques and develop and build blue team defense capabilities.
Minimum 5 years leading critical incident response or Blue Team efforts.
Strong analytical and investigation skills.
Attention to detail and motivated to deliver exceptional quality.
Full-stack knowledge to understand modern attacks that involve networks, infrastructure, compute and applications.
Ability to work independently and handle multiple tasks concurrently with strong written and verbal communication.
SANS GCIH, GCTI or similar.