Principal, Cyber Security-IND

Description

L4 CONSULTANT or L4 PRINCIPAL (IT)

Global Level Description
Recognized subject matter expert with specialized knowledge in the function. Manages large projects or processes. Limited oversight from manager. Coaches, reviews and delegates work to lower level professionals. Problems faced are difficult and often complex. Influences others regarding policies, practices and procedures.

Complexity/Contribution
Provides solutions to a variety of advanced complex technical projects or business issues requiring state of the art technical or industry knowledge. May be the in-house expert on specific technologies or within the job function area. Complete understanding and wide application of advanced technical principles, theories and concepts in a specialized field.

Possess broad knowledge of professional field and other related functions.

Independence
Goals are provided to the incumbent in form of desired results. Determines and develops approach to solve functional area related issues.

Minimum Skills/Experience
Possess the strongest of skills acquired through advanced training, study and experience. Four-year college degree (or additional relevant experience in a related field). Minimum 8 years functional experience including a minimum of 5 years position specific experience.

JOB FAMILY SUMMARY

HRBP: Insert Job Family Summary from Job Catalog Guide

SPECIFIC JOB SUMMARY DESCRIPTION

Describe the specific scope, responsibilities and requirements for this position. Ensure consistency with the global level definitions above. This section may be copied into Jobvite to provide more information for the recruiter.

Position Summary

We are looking for a highly experienced Deputy Incident Commander and Information Security Principal to assist in the management of information security incidents.  The Deputy will also be responsible to assist in disaster recovery planning, testing, and execution as well as preparing and maintaining incident response documentation.  The Deputy will interface with information security incident responders and other IT organizations to aid in resolving serious incidents by organizing the response.

As a principal, you will not be resolving incidents every day.  You will also need to work with internal teams to plan, test and execute disaster recovery activities. Additionally, you will work with the team to plan and execute training exercises as well as prepare and maintain incident planning documentation.  The principle will need to interface on other information security, IT, and business teams and demonstrate excellent communication and organizational skills.

Key Responsibilities

• Assist in developing an incident response management structure based on the National Incident Management System and the Incident Command System
• Be a resourceful part of the talented team responsible for security incident response, major vulnerability remediation efforts and disaster recovery.
• Building, executing, and practicing a best-in-class security incident response plan.
• Develop comprehensive, accurate reports and presentations for both technical and executive audiences
• Interface with disaster recovery assets
• Own and manage tools for disaster recovery.
• Experienced with cyber investigations and forensic level analytics as well as insider threat programs.
• Experienced in the security aspects of multiple platforms, operating systems, software, communications, and network protocols along with malware analysis in support of incident analysis and response.
• Ability to anticipate and respond to changing priorities and operate effectively in a dynamic, demand-based environment, requiring flexibility and responsiveness to client matters and needs.
• Demonstrated ability to manage projects and tasks within an agile and dynamic operational environment
• Previous experience managing cross functional and interdisciplinary project teams to achieve tactical and strategic objectives.

Skills and Experience

• 5+ years of incident response in fast paced environments
• 5+ years of strong hands-on experience in digital forensics examinations and/or investigations using the EnCase tool or similar tool suites such as Magnet Axiom
• 2 + years leading incident response
• Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security.
• Experience with cloud services
• Strong understanding of vulnerabilities, common attack vectors and has attacker mindset: ability to think about creative threats and attack vectors.
• Strong communication (i.e., written and verbal), presentation, teamwork skills and resourcefulness)
• Experience using the National Incident Management System and Incident Command System or similar highly structured, flexible management system
• Required Certifications: EnCE, FEMA IS-100.c, or IS-200.c, or IS-700.b
• Preferred Certifications: CISSP, CISM, GCIH

Job Qualifications and Educational Requirements

Bachelor’s degree from an accredited University

Work Experience: 8+ years; 5+ directly related to role; 5+ years of digital forensics/Incident Response

Provide three current work references & pass a criminal background check

Pass a proficiency exam related to the role

…