-Develop and implement incident response plans and procedures, ensuring a swift and effective response to security incidents or breaches.
-Coordinate incident investigations, containment, and recovery efforts as needed.
-In-depth knowledge of incident response protocols and remediation techniques.
-Plan and conduct incident response exercises to include table tops, simulations, and actual disruptions.
-Incident investigation and response experience, including the ability to work with IR stakeholders to gather required information for reporting.
-Submit all required IR reports to governing bodies within parameters set by law, regulation, contract, or policy.
-Consult with various partners, publications, websites, news sources, and cyber forums to provide daily updates on threats relative to our environments.
-Communicating threats to stakeholders outside of the cybersecurity department regarding threats and risks.
-Observe and document events as they unfold during exercises and incidents to facilitate lessons learned sessions.
-Deep knowledge of the current threat landscape, including knowledge of malware operation and indicators.
onsite 2-3 days a week for ramp up and then can work remotely with 1 day per quarter required in office.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
*** Bachelor's Degree and 5 years of experience or Master's Degree and 3 years of experience minimum
Strong knowledge of Splunk, Tenable Nessus, APIs, Excel and Power BI Platform for data analytics.
Sound knowledge of common infrastructure vulnerability categorizations such as CVE, CVSS, and/or CWE.
Incident management expertise with ability to translate technical risks for business leaders.
Practical knowledge of security applications and technologies, as well as operating system platforms including Windows, Mac, Linux, and Networking technologies.
Knowledge of application and infrastructure vulnerability scanning tools (e.g., Rapid7, Nessus, Qualys, Fortify, etc.) in complex or large organizations.
Technical background to understand the characteristics and exploitation vectors for vulnerabilities being reported.
Deep understanding of cybersecurity best practices and frameworks such as NIST 800-53/171, CMMC, RMF, MITRE, ATT&CK Framework, and OWASP top 10.
Experience with advanced Excel data manipulation and analysis including pivot tables, light macros, intermediate formulas.
Previous experience in analyzing data to present relevant metrics to remediation stakeholders and leadership.
Excellent written and verbal communication skills.
One or more basic cybersecurity certifications such as: Security+, CEH, CND, CySA+, CCNA-Security or equivalent.
5 years of experience in incident response strongly preferred
9 years of experience in vulnerability management strongly preferred
Experience leading or managing an Incident Response Program strongly preferred
Active Secret Clearance.
Masters degree.
One or more advanced cybersecurity certifications such as: CISSP, CISM, CRISC, CISA, CASP, GEVA, CCNP-Security or equivalent.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.