XTN-A6D0249 | SOC MANAGER (INCIDENT HANDLING TEAM) - REMOTE at KMC Solutions

The Purpose Driven Career Objectives of a Network /System / Database Administration at KMC:

Nuspire is a leading managed security services provider (MSSP) founded over 20 years ago to revolutionize the cybersecurity experience by taking an optimistic and people-first approach. Our deep bench of cybersecurity experts uses world-class threat intelligence as part of a Fusion Center to detect, respond, and remediate advanced cyber threats. 

Position Description:

The Incident Handling Manager directs the team of incident handlers, incident responders, and forensics examiners by way of mentoring, capacity management, performance management, and incident review. The Incident Handling manager partners with other Fusion Center areas and leaders to assist with incident investigation, collaboration, and communication.

As the Incident Handling Manager, you will be expected to understand and have deep experience in incident response and forensics. In this position, you will be reviewing investigative cases to ensure that processes are followed as well as serving as an escalation point for your team for customer interactions and declaring major incidents. This opportunity may require shift work and the ability to be available on[1]call on nights, weekends, and holidays.

The ideal candidate will have 10+ years of incident handling and response experience. They should have in-depth technical knowledge of network security, operating system security, vulnerability management, common attacker techniques and vectors, and SIEM. They should have direct experience in leading critical investigations. They should have experience in writing technical investigation reports as well as incident summary reports for leadership. They should have experience managing teams of 10 or more people and providing mentorship. 

To apply for Network /System / Database Administration, you are excellent at:

• Providing day-to-day oversight of incident handling, incident response, and forensics teams
• Reviewing all incidents and participate in shift turnover meetings
• Maintaining and enhance team training program
• Maintaining and enhance career development and advancement plans
• Managing multiple priorities and projects at once
• Being responsible for overall ownership of all playbooks, procedures, and workflows pertaining to incident handling and forensics
• Serving as a subject matter expert as it pertains to incident handling and incident response processes
• Collaborating with SIEM team to drive down false positives of alerts

Your Success Profile includes:

• At least 10 years of security experience
• Advanced incident investigation and response experience
• Advanced log parsing and analysis skill sets
• Advanced knowledge of networking fundamentals
• Moderate knowledge of Windows, Linux/Unix, and Mac operating systems
• Moderate knowledge of network defenses such as firewalls, IDS/IPS, proxies
• Moderate knowledge of forensic techniques
• Moderate knowledge of audit requirements (PCI, HIPAA, SOX, NYDFS, etc)

Preferred Skills:

• The ability to communicate technical and security topics to executive leadership
• Advanced understanding of the TCP/IP packet framework
• Advanced understanding of MITRE ATT&CK and Cyber Kill Chain frameworks
• Ethical hacking/penetration testing experience · Attacker mindset
• Moderate understand of different cryptographic algorithms
• Experience in multiple roles in incident response
• Ability to explain technical security events to non-technical audiences
• Understanding of cyber fraud and the attack vectors

Education/Certifications/Training Required:

• Bachelors’ Degree in Computer Science, Information Security Assurance, or equivalent experience

Education/Certifications/Training Preferred:

• GIAC, GCIH, GMON, OSCP, CEH, CEPT
• CCNA, CCNP
• CISSP