Associate consultant - St Paul, United States - HCL Technologies


    1 month ago

    Description
    IT Senior Security Incident Response Engineer - Telecommute - Grade 28 (Contractor)
    Please note this will be shift work - Monday to Friday, 3pm to 12am CT

    Purpose of Job:
    This role is an individual contributor for the Security Incident Response Team. As the
    team has developed into a 24/7/365 operation, we require strong individual contributors who will
    investigate, analyze and contain security incidents.
    Major Responsibilities
    Perform analysis on cybersecurity alerts in both on-premises and cloud environments
    Produce detailed incident reports and security recommendations
    Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated,
    time sensitive environment
    Manage containment and remediation efforts of affected assets, IOCs, and TTPs
    Hold stakeholders accountable for remediation actions
    Integrate and collaborate with other subject matter experts throughout the organization
    Influence the creation and/or adoption of new standards and procedures
    Identify deficiencies in processes and tools, recommend security controls and/or corrective
    actions for mitigating technical and business risk. Contribute to Lessons Learned Meetings.
    Monitor security intake technologies for reports of security incidents
    Qualifications
    4 or more years of IT Security or Cyber Security experience in any of the following areas:
    o Incident Response
    o Email Security
    o Data Protection/Governance
    o Cybersecurity threat detection, monitoring and reporting
    o Cyber Intelligence and Threat Hunting
    o Vulnerability Management
    Experience analyzing attack vectors, current threats, and security remediation strategies
    Experience with SIEM technologies, EDR technologies, and/or Asset isolation tools
    o SIEM: Splunk, Sentinel, etc.
    o EDR: Microsoft Defender, Tanium, Trend Micro Vision One, etc.
    Networking experience (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System
    Administration, and Security Architecture
    High-level familiarity with global privacy regulations (NY Cyber, GDPR, LGPD, CERT-In)
    Experience in public cloud platforms, including Azure, AWS, and Google Cloud Platform
    Assets
    Undergraduate degree or equivalent experience
    Spanish Language skills
    PowerShell, KQL, or Python scripting experience
    CISSP, CISA, GCIH, CEH, CHFI, CCSP, SEC+, Net+, A+
    Understanding of NIST 800-61, Cyber Kill Chain, and MITRE ATT&CK framework

    Provides guidance on how his area of capability can resolve an organizational need and actively participates in all phases of the solution life cycle.

    Design solutions and best practices to meet the client's objective.
    Work with clients to identify business challenges and contribute to client deliverables by refining, analyzing, and structuring relevant data

    Depending on the work environment, the subject matter expert may lead or be an active participant of a work-group with the need for specialized knowledge.

    Meet all agreed-upon turnaround times for deliverables, deliverable reviews, or deliverable sign-off
    Understands, articulates and implements best practices related to his area of expertise.
