Principal Security (incident response) Engineer
Company US Bank
Location REMOTE
Preferred GIAC Certifications GIAC Certified Incident Handler (GCIH)
Travel 5%
Salary 90000
Contact Name Michael Carr
Contact Email michael.carr2/at/
Expires 2021-10-21

Job Description

The focus of this role will be on ensuring that incident response requirements are met for all on-premises environments and on preparing equivalent capabilities as the bank migrates to the major cloud environments. To succeed, the qualified candidate must have demonstrable expertise in delivering capabilities to investigate and respond to security incidents. They will work in partnership with other information security teams and development teams.

Responsibilities will also include:

- Investigating potential cybersecurity incidents
- Developing response processes and training security operations staff
- Reviewing and tracking detected events to identify new exploits, threats and mitigation strategies, and enforce incident reporting standards
- Leading in-depth technical analysis of new and emerging information security threats
- Analyzing threats and vulnerabilities to determine their impact to the bank's operations
- Assisting with investigations and eDiscovery efforts involving court-proven forensic processes and technologies
- Assessing, containing, eradicating and recovering systems associated with compromises, whether network, Windows or *NIX

Basic Qualifications

- Bachelor's degree in Engineering or Science, or equivalent work experience
- Eight or more years of experience in information security
- Two or more years of experience in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management

Preferred Skills/Experience:

- Expertise in security logging, monitoring and event management tools
- Expertise in log analysis and packet analysis
- CISSP, CHFI, CEH, GCIH or similar certification is preferred but not required
- Experience in the financial sector is preferred but not required
- Malware reverse engineering skills are desirable but not required
- Minimum of 4 years' experience with incident response/incident handling
- Ideally, minimum of 2 years' experience with major cloud environments such as AWS, Azure and GCP
- Demonstrable proficiency with digital forensic tools and investigations, threat intelligence platforms, security automation and orchestration, capture the flag events and red/blue/purple team activities