Senior Associate IS Security Engineer (JP8015)
Tampa, FL. (Onsite Pending Lifting of COVID restrictions)
GIP – Strategy and Cyber Operations
1+ years (with likely extensions)
3 Key Consulting is hiring a Senior Associate IS Security Engineer for a consulting engagement with our direct client, a leading global biopharmaceutical company.
Candidate will be working remotely until site reopens, then required to be on site 3x a week. The Incident Response (IR) Analyst will be part of a distributed team and will work with their global counterparts to lead all aspects of all day-to-day 24-hour operations and functions provided by the Cyber Security Operations Center (CSOC) and other security groups.
You will be directly responsible for coordinating, training and equipping client employees and contractors in a manner directly aligned with client’s culture, principles and core values.
In the capacity of Incident Response Analyst, you will contribute to all security operations standard operating procedures, field manuals, and operating instructions. As part of the investigation or remedial processes you will have to engage with key business and operational partners in handling the detection, response and remediation of cyber related attacks on Client’s global enterprise.
The IR/Cyber Security Operations Analyst is a leader in Client’s Cyber Security Organization and is encouraged to contribute to and deliver services and projects that support the mission, priorities and objectives of the organization.
Why is the Position Open?
Top Must-Have Skill Sets:
- IR incident response background.
- Communication skills & detail orientated.
- Facilitating meetings and writing reports.
Day to Day Responsibilities:
You will contribute to the Americas Global Incident Response (IR) Operations and partner with the Cybersecurity SOC along with the Singapore-based Incident Response Manager to ensure continuity of 24/7 security services. Areas of responsibility include:
- Contribute to strategy and continuous improvement for Global Incident Response Program.
- Fulfills critical role as Incident Response Commander directly responsible for IR activities throughout Client’s Americas Region.
- Provides direction and guidance for workforce job proficiency by contributing to comprehensive professional development plans.
- Lead security event monitoring, management, and response.
- Deliver accurate incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
- Ensure Service Level Agreement (SLA) compliance and process consistency to achieve operational objectives.
- Contribute to integration of standard and non-standard logs in Security Information and Event Monitoring (SIEM) solution.
- Revise and develop processes to strengthen Security Operations.
- Partner with team including staff augmentation (Contract Workers (CW)) and outsourced services pertaining to the CSOC.
- Lead coordination efforts with necessary partners to better understand activity or actions and their impact to Client's environment.
- Maintain and upkeep relevant playbooks for response.
- Translate complex technical incidents into business language and be able to present the same to different audiences.
- Demonstrate, integrate, and collaborate on improving existing information security solutions and services to address any gaps or deficiencies in the CSOC to address security risks.
- Collaborate with other Information Security teams and provide CSOC insight to where limited information security controls or solutions are present.
- Lead efforts to integrate critical CSOC data into Information Security’s metrics program to enable critical strategic, operational, and tactical decision making.
- Provide mentorship and training on areas of expertise to Information Security and Client teams.
- Collaborate, maintain and build relationships with Client and other parties that may impact Cybersecurity services and technologies.
- Have an understanding of the Operational Technology (OT) environment such as Human Machine Interfaces (HMI) and Programmable Logic Controllers (PLC).
Doctorate degree in Engineering, Information Systems, or Computer Science & 2 years of directly related experience
Master’s degree in Engineering, Information Systems, or Computer Science & 5 years of directly related experience
Bachelor’s degree in Engineering, Information Systems, or Computer Science & 7 years of directly related experience
Associate’s degree in Engineering, Information Systems, or Computer Science & 12 years of directly related experience
High school diploma / GED & 15 years of directly related experience
(YEARS OF EXPERIENCE WITHIN ANY INDUSTRY)
Employee Value Proposition:
- Broad knowledge of the workings of security-related controls like firewalls, intrusion detection systems, anti-malware, secure gateways, security monitoring, data encryption and other industry-standard techniques and practices.
- Extensive experience with security application tools and systems, such as Cylance, Domain Tools, O365: Security & Compliance Module, QRadar, Phantom, Symantec Endpoint Protection, Tanium, Tufin, ThreatGrid, CrowdStrike (must have experience with a few of these).
- Ability to understand and quantify risks. Determine methods of addressing the risks and gaps to implement appropriate security controls.
- Proficient in Incident Management and Response.
- Experience in security device management and SIEM (QRadar, Splunk).
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
- Proficient in preparation of reports, dashboards and documentation.
- Good communication and leadership skills.
- Experience in performing vendor management.
- Ability to handle high stress situations.
- Ability to piece together different and complex technologies and solutions to help provide a solution that meets security requirements.
- Detailed knowledge of digital network telecommunications including TCP/IP and other related network protocols.
- Practical Knowledge of Information Security standards and policies like ISO 27001/27002, NIST, and others.
- Excellent verbal and written communication skills.
- Effective working in global teams with the ability to effectively communicate and interact with a broad range of people and roles.
- Accepts responsibility and personal accountability.
- Successful management of multiple priorities.
- Must be collaborative, placing priority on the successful completion of team goals.
- Must be highly motivated and able to work effectively under minimal direction.
- Experience with complex technologies that impact security.
- Master’s degree in Engineering, Information Systems, or Computer Science.
- At least 3 years as a security analyst supporting a multinational organization.
- Working towards a CISSP or equivalent security-related industry certifications.
Official line of defense for client for internet response, exposure to top leadership.
Violation of ethics, poor work ethic, unexplained gaps of employment.
Video Skype Panel Interview
We invite qualified candidates to send your resume to email@example.com. If you decide that you’re not interested in pursuing this particular position, please feel free to take a look at the other positions on our website www.3keyconsulting.com/careers. You are also welcome to share this opportunity with anyone you think might be interested in applying for this role.