Are you the next member of our team?
Your Background and Skills
- Bachelor’s degree in computer science, IS or Information Security.
- Minimum of 5 years’ experience in Information Security.
- At least 2 years’ prior experience in a role with responsibility for information security incident response; this is not an entry level position.
- CISSP, OSCP, CRISC, GCIH, GCFA, GFCE, GSE and/or similar certification desirable.
- Excellent program/project management, prioritization, and organizational skills.
- Acute attention to detail.
- Experience with Microsoft Defender for Endpoints.
- Experience with Windows 10/11 operating systems and MacOS.
- Experience working with Zendesk and Qualys.
- Experience working with and managing phishing simulation platforms.
- Experience with network fundamentals such as IPv4, subnet mask, DNS, DHCP, etc.,
- Experience creating, collecting, and assembling metrics for reporting.
- Experience with incident response.
- Experience working with on-prem and Cloud technology platforms and applications.
- Must demonstrate valid proof of unrestricted authorization to work in the country where this position is based.
Your Daily Tasks
- Monitor alerts, detections, or other indicators of compromise/attack from a variety of information security solutions.
- Perform threat hunting by actively seeking out anomalies and Indicators of Compromise and/or verifying their presence in IREX’s Information Technology Environment.
- Perform Incident Response activities based on automated alerts, malware assessment, IOC discovery and other threat hunting activities.
- Investigate, contain, eradicate, and/or escalate security detections as appropriate.
- Assist in the discovery, analysis, and remediation of vulnerabilities.
- Monitor security platforms’ health for errors, misconfigurations, or performance alerts.
- Leverage SIEM platform by creating and executing search queries, dashboards, and alerts to identify threats, indicators of compromise, and assist in investigations.
- Perform control testing and other risk management activities.
- Provide information in response to assessments and audits.
- Provide oversight of managed third-party security services.
- Maintain an understanding of the systems, solutions, and technologies deployed in IREX’s IT infrastructure.
- Serve as a resource to the organization in the realm of information security by maintaining a dedication to continuous learning and growth.
- Contacts staff and assists in resolving security issues.
- Contacts staff and vendors to gather information about security incidents.
- Contacts vendors and contractors regarding information security issues.
- Document and generate reports of detections and response actions for review by management and other stakeholders.
- Update and manage IREX’s Information Security SharePoint Site.
- Provides security training to partners and projects, when requested.
- Provides policies and procedures documentation to NBD, when needed.
- May communicate with NBD regarding regional privacy regulations.
- Responsible for the execution of the unit budget.
- Support fellow team members, end-users, and other stakeholders’ requests related to information security services.
- Other duties as assigned.
