Cybersecurity Engineer Lead (PCTE)

Overview:

By Light is hiring a Cybersecurity Engineer Lead responsible for management, supervision, and coordination of cybersecurity incidents as part of a 24x7 operation. SOC Manager also maintains incident response playbooks, conducts cyber tabletop exercises, acts as a liaison on third party incidents, and communicates with Sponsor Leadership. The SOC Manager conducts gap assessments and program maturity analysis to ensure that the Security Operations Center is staffed 24x7, 365 with capable leadership who can take immediate actions upon notification of a cybersecurity incident.

• Serves as the Incident Commander in a 24x7 Security Operations Center, leading significant or high-profile incidents, including validating and escalating incidents, coordinating response activities across multiple business operations.
• Capable of rapid, independent decision making in stressful / fluid situations, including those that impact critical business systems.
• Provides strategic guidance on and tracking of tools/visibility/capabilities gaps affecting information security posture.
• Serves as liaison between the Security Operations Center and the impacted business function and technical teams during an incident.
• Coordinates and directs efforts among Security Operations team members throughout the incident response lifecycle.
• Provides timely and relevant updates to appropriate executive stakeholders and Sponsor leadership.
• Conducts after action reporting and provides relevant insights to guide improvements and adjustments to cybersecurity response processes.
• Tests and updates incident response plans and processes to address existing and emerging threats.
• Maintains strong working relationships across technology and security teams.
• Perform special projects and initiatives as assigned.

• A master’s degree from an accredited college and six years of satisfactory full-time experience related to projects and policies required by the position. Bachelor’s degree in information technology; and/or experience which is above 10 years.
• DoD 8570 Certification
• Cyber Security/Incident Response Certifications. (CSSP Analyst, CSSP Incident Responder)
• Knowledge of technologies, systems, and networks as well as typical gaps that could impact the ability of an organization to effectively detect and respond to cyber threats.
• Demonstrated knowledge of common adversary tactics, techniques, and procedures
• Relevant Technical Security Certifications (GCIA, GCIH, GCFA, GHFI, GNFA, GREM)

• AWS Certified
• CISSP or CCSP
• OSCP

• Top Secret with SCI eligibility required