Nexlogica · 2 months ago
Cyber Incident Response - Lead Position
Downey, CA
Full-time
Onsite
Mid, Senior Level
3+ years expNexlogica is seeking a Cyber Incident Response Lead to manage and document incident response processes while collaborating with cross-functional partners. The role involves leading efforts in incident management, driving containment strategies during data breaches, and providing recommendations to mitigate future incidents.
Cloud ComputingConsultingSoftwareWeb Design
Responsibilities
Experience with documenting incident response process and procedures
Experience with first responder forensics analysis and investigation
Experience with triage and resolving advanced vector attacks such as botnets and advanced persistent threats (APTs)
Experience as the leas during business impacting situations, and work to restore normal service operations in cooperation with cross-functional partners
Advanced skills in timely communications and updates are provided for incident management and root-cause scenarios
Ability to work directly with data asset owners and business response plan owners during high severity events of interest.; Leads the effort on messaging and communication related to incident reporting for all audience
Experience driving containment strategy during data loss or breach events
Experience with the documentation and maintaining chain of custody of incident evidence
Experience driving post-containment recovery effort through to complete incident closure
Should work with teams to provide recommendations to resolve and/or reduce impact of incident and to prevent future similar incidents
Develop and enrich restoration procedures to mitigate future outages and business disruptions. a. Experience providing written final incident report to executive management that provide; Assessing scope of incident damage and assisting in the determination of incident severity.; Document activities such as investigation, discovery and recovery during the incident
Experience with collaborating with departmental IT team to identify the root cause of recurring incidents and create action-plans for remediate and prevent recurring situations
Maintain on-call availability for 24x7x365 coverage
Qualification
Required
Bachelor's degree from an accredited college in Technology related discipline (e.g. Computer Science, Engineering, Information Systems, etc.) or equivalent experience/combined education
Preferred
Experience with documenting incident response process and procedures
Experience with first responder forensics analysis and investigation
Experience with triage and resolving advanced vector attacks such as botnets and advanced persistent threats (APTs)
Experience as the lead during business impacting situations, and work to restore normal service operations in cooperation with cross-functional partners
Advanced skills in timely communications and updates are provided for incident management and root-cause scenarios
Ability to work directly with data asset owners and business response plan owners during high severity events of interest; Leads the effort on messaging and communication related to incident reporting for all audience
Experience driving containment strategy during data loss or breach events
Experience with the documentation and maintaining chain of custody of incident evidence
Experience driving post-containment recovery effort through to complete incident closure
Should work with teams to provide recommendations to resolve and/or reduce impact of incident and to prevent future similar incidents
Develop and enrich restoration procedures to mitigate future outages and business disruptions
Experience providing written final incident report to executive management that provide; Assessing scope of incident damage and assisting in the determination of incident severity; Document activities such as investigation, discovery and recovery during the incident
Experience with collaborating with departmental IT team to identify the root cause of recurring incidents and create action-plans for remediate and prevent recurring situations
Maintain on-call availability for 24x7x365 coverage
One or more of the following professional certifications required: Qualified Security Assessor (QSA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professionals (CISSP), Certified Information Security Manager (CISM), Certified Information Privacy Professional (CIPP), GIAC Certified Incident Handler (GCIH) or GIAC Network Forensic Analyst
Desired of three (3) years' experience in the last five (5) years as an IT Security Incident Response Manager, supporting a complex enterprise security environment for a large public or private organization
Desired of three (3) years of experience in the past five (5) years as an IT Security Incident Response Manager, supporting Enterprise Multi-Tenant environment, include responding, containing, remediating, and reporting on the infrastructure connecting to large private or public organization and Public Cloud Providers, such as AWS, Azure and/or GCP
Minimum of two (2) years' experience in the last three (3) years analyzing, responding, and remediating enterprise network & security architectures
Minimum of two (2) years' experience in the last three (3) years leading IT Security/Information Security teams
Minimum of two (2) years' experience in the last three (3) years delivering Incident Reports and Remediation Recommendations in a large enterprise organization
Demonstrated ability to create clear, concise technical documentations such as procedures, Visio diagrams, and system support documents, and strong presentation skills with experience using Microsoft PowerPoint
Company
Nexlogica
Nexlogica is a business navigator that offers digital enterprise transformation and management consulting services.
51-200 employees
Funding
Current Stage
Growth StageCompany data provided by crunchbase