CSIRT Engineering Lead

CSIRT Engineering Lead – Perm - Remote - $180,000 - $190,000
The end client is unable to sponsor or transfer visas for this position; all parties authorized to work in the US without sponsorship are encouraged to apply.

An American Company is seeking a CSIRT Engineering Lead.

Role Description

Currently seeking an Associate Director, Security Monitoring Content Development and Engineering to join our Digital Nexus Technology organization. This is a remote work opportunity.

• Lead the development of content and workload for IR tools to automate the detection of threats promote the “shift left” culture among adjacent teams
• Lead the use case content development SDLC process and maintain the fidelity of detections for the team
• Become the service owner for related CSIRT’s solutions including: SIEM, EDR, IDS, SOAR and other related managed services and tooling developed in-house or COTS
• Work with a cross functional teams, including architecture and engineering, to ensure CSIRT tools have comprehensive coverage
• Continuously improve the CSIRT detection and automation capabilities through creation, modification, or acquisition of appropriate tools for on premise and cloud environments

Skills & Requirements

• 8+ years of experience in security monitoring, security operations and incident response activities
• Possess experience developing security monitoring rules for monitoring events, assessing risk, responding to incidents and providing security oversight related to the security features of IT tools supported by the IT operations teams
• Possess hands-on network and systems administration skills with Linux, Windows, SIEM, EDR, IDS, AWS, Azure, GCP and Windows Active Directory competence
• Possess the ability to integrate security tools with IT infrastructure such as proxies, mail servers, Active Directory, workstations and mobile devices and others
Must possess prior scripting experience in one or more languages (Python, Powershell preferred)

Preferred Skills
Splunk Administration experience
Cloud Security experience (Azure or AWS)
Experience with automation mechanisms such as Azure Resource Manager (ARM), Regular Expressions, Snort Rules
CISSP or GIAC certifications
BSc in Computer Science or equivalent

Why Hays?

You will be working with a professional recruiter who has intimate knowledge of the Information Technology industry and market trends . Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there’s a position you really want, you’re fully prepared to get it.

Nervous about an upcoming interview? Unsure how to write a new resume?

Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.

Hays is an Equal Opportunity Employer.

Drug testing may be required; please contact a recruiter for more information. #1135346

Summary

Job Type
Permanent
Industry
Technology & Internet Services
Location
Remote
Specialism
Infrastructure
Pay
180,000 - 190,000
Ref:
1135346