Emc Insurance Foundation

posted about 2 months ago

Full-time

About the position

At EMC, you'll put your skills to good use as an important member of our team. You can count on gaining valuable experience while contributing to the company's success. EMC strives to hire and retain the best people by engaging, developing, and rewarding employees. The position involves developing, administering, and monitoring controls for the security, integrity, and availability of enterprise systems, business information, and other sensitive information. You will evaluate information systems and collaborate with security architecture and engineering on moderately complex security-related projects. Identifying, reporting, and mitigating security incidents while addressing escalations will be a key part of your role. Additionally, you will configure and administer moderately complex cybersecurity systems and collaborate with security teams and other IT teams to maintain system and security compliance as detailed by the IT Security Policy and corporate policies. As a cybersecurity operations first escalation point of contact, you will research and resolve escalated moderately complex cybersecurity alerts and incidents, such as phishing and malware-related incidents, utilizing cybersecurity tools, including SIEM and SOAR. You will escalate complex incidents to senior team members and lead the incident response team and activities, which involves meeting with Legal, IT, and other department leaders based on security issues. Planning, coordinating, and executing regular incident response preparedness, including tabletop exercises, will also be part of your responsibilities. You will maintain the incident response plans and configure and administer moderately complex cybersecurity systems, including vulnerability management, SIEM detection and alert development, EDR detections and exclusions, SOAR playbooks, and writing scripts and integrations.
Verifying that adequate security controls and recovery requirements remain in effect as system changes are performed is crucial, as is performing controls testing to ensure compliance with cybersecurity controls and standards. You will collaborate with Cybersecurity Engineers to guide enterprise system administrators on routine to moderately complex cybersecurity issues and concerns, develop vendor relationships, and work with Cybersecurity Engineers to review and resolve requests for exceptions to security controls and policies, ensuring adequate compensating controls are in place.

Responsibilities

  • Develops, administers, and monitors controls for the security, integrity, and availability of enterprise systems, business information, and other sensitive information.
  • Evaluates information systems and collaborates with security architecture and engineering on moderately complex security-related projects.
  • Identifies, reports, and mitigates security incidents and addresses escalations.
  • Configures and administers moderately complex cybersecurity systems.
  • Collaborates with security teams and other IT teams to maintain system and security compliance as detailed by the IT Security Policy and corporate policies.
  • Serves as cybersecurity operations first escalation point of contact.
  • Researches and resolves escalated moderately complex cybersecurity alerts and incidents, such as phishing and malware-related incidents, utilizing cybersecurity tools, including SIEM and SOAR.
  • Escalates complex incidents to senior team members.
  • Leads the incident response team and activities, which involves meeting with Legal, IT, and other department leaders, based on the security issue.
  • Plans, coordinates, and executes regular incident response preparedness, including tabletop exercises.
  • Maintains the incident response plans.
  • Configures and administers moderately complex cybersecurity systems, including vulnerability management, SIEM detection and alert development, EDR detections and exclusions, SOAR playbooks, and writing scripts and integrations.
  • Verifies that adequate security controls and recovery requirements remain in effect as system changes are performed.
  • Performs controls testing to ensure compliance with cybersecurity controls and standards.
  • Collaborates with Cybersecurity Engineers to guide enterprise system administrators on routine to moderately complex cybersecurity issues and concerns.
  • Develops vendor relationships, including understanding the roadmap of current tooling and emerging technologies of existing vendors.
  • Works with Cybersecurity Engineers to review and resolve requests for exceptions to security controls and policies, ensuring adequate compensating controls are in place.

Requirements

  • Bachelor's degree in a computer related field or equivalent relevant experience.
  • Three years of experience in information security or related experience.
  • Security certifications (CySA+, CISSP, Security+, CEH) preferred.
  • Strong knowledge of commonly used concepts, practices, and procedures within the field of information security.
  • Strong knowledge of SIEM and SOAR technologies.
  • Strong knowledge of IPS/IDS rules and policies.
  • Good knowledge in one or more scripting languages, preferably Python.
  • Good knowledge of methods for protecting endpoints, both cloud and on-premises.
  • Experience with vulnerability management and remediation and related security tools.
  • Experience with threat detection and response solutions.
  • Strong knowledge of enterprise system administration.
  • Excellent analytical and problem-solving abilities.
  • Excellent incident response skills, including leading large groups from various levels of the organization.
  • Excellent verbal and written communication skills.
  • Strong human relations and customer service skills.
  • Strong organizational and multi-tasking skills.