This is a remote position.
KP Recruiting Group is a consulting firm that provides leadership and exceptional talent to some of the world’s leading companies. Headquartered in the Midwest, KP Recruiting Group has successfully completed countless engagements across the United States. We represent clients in all industries and all sizes. Our mission is to provide exceptional client and candidate experiences in order to get the best possible results. On behalf of our client, we are excited to present the following confidential role. We look forward to hearing from you and discussing the opportunity!
The Role:
The Incident Response Lead will lead, manage, and work with a diverse team of security analysts conducting various duties such as event detection, incident triage, incident handling, remediation, and vulnerability management. The person selected for this role will be responsible for leading the day-to-day response to cyber security related incidents, which includes mitigating and defending against malicious cyber activity, distinguishing events from benign activities, supporting high-impact incidents, and generating clear and concise recommendations for these types of events. The Security Incident Response Team Lead will work with team members to provide in-depth analysis of security-related datasets such as logs, event data, and alerts from diverse network devices and applications.
• Leads the response to computer security incidents according to the security incident response program and procedures
• Triage and assess the risk of incidents, performing real-time analysis and managing workload during incidents
• Provides timely and relevant updates regarding risks and threats to appropriate stakeholders and decision makers
• Lead team members in root cause analysis of cyber security incidents to solve issues and improve incident handling procedures
• Develop and enhance existing SIEM capabilities to correlate incidents in real-time, and drive automation of routine processes
• Works with team members to create runbooks for frequently occurring incidents and identify additional opportunities for automation
• Provides mentorship and guidance to security incident response team members while meeting organizational objectives
• Oversees the Vulnerability Management Program to include the health and effectiveness of vulnerability scanning capabilities
• Leads the proactive assessment of security vulnerabilities within applications and infrastructure software and/or other information assets
• Communicates vulnerability results to infrastructure and application teams based on risk and threat to the business and gains support through influential messaging
Requires expert knowledge and experience in own discipline/department
- Builds or possesses knowledge of the company, processes and customers
- Manages own workload and routinely provides informal guidance to colleagues with less experience
- Solves a range of straightforward and complex problems
- Analyzes possible solutions using standard procedures and experience
- Receives a minimum level of guidance and direction
Job Responsibilities:
(List of general activities, duties and/or tasks typically performed within the job.)
- Support Information Security Leadership regarding all aspects of the information security enterprise-wide risk management program, with minimal supervision. Responsibilities include facilitating the identification of risks throughout the organization, developing, reporting and monitoring formats on risk management issues and developing methodologies for the assessment of risks throughout the organization.
- Design various assessments in support of compliance, privacy or security requirements for the business. Lead assessments where appropriate.
- Implement process workflows in support of compliance, privacy or security functions. Identify and escalate issues to leadership in a pragmatic, actionable manner. Review and approve procedural documentation.
- Lead development and continuous reporting of metrics mapped to goals.
- Lead coordination, consultation, and assessment efforts to track and remediate events and alerts, and direct response to related incidents, internal or external audits, and/or control assessments.
- Develop and configure monitoring systems to protect data, defining baselines and reports used for trend analysis.
- Identify, report, and assist in resolving privacy, compliance or security violations and control gaps.
- Lead feedback with other IT teams to protect data from compliance, privacy or security compromise.
- Review and approve policies and procedures for identifying, reporting, and resolving compliance, privacy and security violations.
- Contribute to the strategic direction of the Information Security team to develop new capabilities, process efficiencies and goals.
- Security Governance Development: Participate in the development, review, ongoing maintenance and development of security policies, standards, processes, procedures and requirements to facilitate the establishment of common administrative controls for the delivery of security capabilities.
- Security Awareness: Develop content for organization wide and targeted security awareness training. Present relevant information security topics through a variety of forums depending on the audience.