Cyber Security and Operations

Role & responsibilities

This role responds to and resolves complex incidents, proactively preventing their reoccurrence, and acts as a point of escalation for junior peers. This role also collects and correlates data from CND tools and coordinates with teams to ensure effective incident handling and security improvement.

Preferred candidate profile:

Responds to and resolves complex incidents and security issues. Determines the root cause and implements corrective action with appropriate level of assistance. Elevates potential concerns and gaps as appropriate.
Monitors the operation of systems and networks to ensure business continuity. Produces detailed reports for management, including findings and operation status. Conducts periodic recertification of all tasks and process documentation. Monitors the infrastructure and crew for security events and provides response to elevated. Identifies computer security requirements for new systems and/or processes under development. Maintains up-to-date documentation, procedures, and workflows to assist in performing event & incident investigations. Identifies opportunities to improve the efficiency and effectiveness of processes and procedures. Performs security audits on a regular basis to ensure compliance with security policies and standards. Trains and coaches junior staff on incident response procedures and serves as an escalation point for inquiries and issues. Participates in special projects and performs other duties as assigned. Collect and correlate data from various Computer Network Defense (CND) tools such as intrusion detection system alerts, firewall logs, network traffic logs, and host system logs to identify and evaluate security events. Coordinate with internal teams and external entities for effective incident handling, ensuring swift resolution and continuous improvement of security practices.