CSIRT Manager - New York, New York | STAND 8 Careers
Entertainment/Media company is seeking a CSIRT Manager who enjoys working with a team that values growth, collaboration, and a balanced, team-focused culture.
STAND 8 provides end-to-end IT solutions to enterprise partners across the United States, with offices in LA, Atlanta, New York and more.
- Digital forensic experience
- Investigative thoroughness
- Automation experience
- Identify, evaluate, and respond to threats detected by our security information and event management (SIEM) system and vendor-led security operations team.
- Proficient in EnCase Forensic investigation procedures and case reporting.
- Independently plan, organize and devise approaches necessary to respond to incidents and obtain useful forensic information from the evidence submitted, taking into consideration the requirements of agency regulations, federal and state laws, and company policies as they apply.
- Lead a combined physical and virtual team of incident response participants during times of active incidents, including on-call schedule management.
- Conduct incident and investigation post-mortem briefings, analysis, and reporting as required.
- Apply broad security industry, technology, business and professional knowledge to contribute to policy-making and process design.
- Research and stay current on the latest trends, best practices, and technology developments.
- Ability to create custom applications to deal with specific security challenges (log collection, IOC detection, incident remediation).
- 10+ years of Information Technology experience
- 10+ years of Information Security and Incident Response or similar discipline
- 7+ years of Linux/Unix, Mac and Windows system analysis experience
- Security Designation(s): GCIH - GIAC Certified Incident Handler and EnCE - EnCase Certified Examiner
- Previous experience working in a large enterprise that employs a wide range of security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, etc.
- Expert understanding of server, desktop and mobile operating systems (Windows, Linux, iOS/Android)
- Expert understanding of network architecture and security infrastructure placement
- The candidate must also be available 24/7 and willing to work long hours during a critical incident
- Featured speaker/presenter at state or national security conference (Black Hat, DefCon, B-Sides, etc.)
- Exposure to security standards: NIST Cyber Security Framework, NIST SP800-61 R2 and ISO/IEC 27035
- Understanding of threat modeling concepts such as threat indicators, threat actors and vectors
- Must be able to pass a criminal background check and a U.S. government security clearance if requested
- Very strong leadership skills with the ability to maintain team composure during critical incidents
- Strong communication and problem-solving skills
- Flexible and responsive to changing situations
- Ability to work independently and as part of a team