Cyber Security Operations Lead

Location: Houston, Texas, United States
Date Posted: 05-30-2017
We are currently seeking an experienced Senior Cyber Security Operations Lead to join our Global Cyber Security Team. You will be a member of the Cyber Security team and responsible for implementing, tuning and operating our threat detection and vulnerability monitoring suite of tools.

The ideal candidate must be able to perform hands-on security duties, demonstrate strong communication skills, work in a highly collaborative way, and be able to design and document processes for cyber security incident detection and response across global teams. Candidates must possess knowledge of advanced persistent threats, threat hunting, and threat and vulnerability reporting, and be able to operate and tune vulnerability scanning and threat detection tools. As the Senior Cyber Security Lead, you will safeguard our organization by anticipating, detecting and preventing cyber-attacks against our personnel, systems and network.

This position is based out of our Houston, Texas headquarters.

PRIMARY DUTIES AND RESPONSIBILITIES:
  1. Operate and implement threat detection, event logging, end-point security and event correlation tools
  2. Build and deliver vulnerability reports and threat metrics that can be incorporated into management packs to raise awareness; this is an essential priority for this role
  3. Coordinate with teams to ensure threat tools and reports monitor the full scope of the environment/inventory; a track record of this is highly desired
  4. Categorize and prioritize events of interest and incidents based upon potential business impact levels
  5. Design various reports that may be used operationally and at an executive level to review current events of interest, incidents, vulnerabilities, dwell time, and remediation progress
  6. Design, document and operate incident response processes, in alignment with NIST standards, that can be operated across IT and global network operations
  7. Provide guidance to the IT, NOC and Engineering Teams on Cyber Security threats, vulnerabilities, lessons learned from incidents, remediation and advice for long term sustainable improvements/countermeasures
  8. Coordinate across all RigNet technology teams to ensure full visibility of scope to be monitored for threats and vulnerabilities including IP inventories, Server Inventories, and Application/Software inventories
  9. Analyze security breaches to determine their root cause and define high severity incident processes flows
  10. Maintain visibility into relevant threat bulletins and craft awareness communications to deliver across global organization as well as aid with vulnerability/risk mitigation
  11. Establish standards and best practices for log collection, threat detection and vulnerability management that can be implemented across a wide array of system and network peripherals
  12. Provide knowledge transfer, amend incident handling processes, and support the migration of security activities to build a strong partnership with selected managed security services providers
  13. Maintain up to date security threat hunting knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations
  14. Assess security weaknesses with firewalls, end-point devices and in hosting environments and coordinate across teams to track and monitor remediation

QUALIFICATIONS:
Education, Knowledge, Skills, and Abilities:
· Bachelor's Degree
· CISSP, Security+, CEH, GIAC GSEC or other comparable security accreditation desired
· Experience with threat hunting and operating end-point security and SIEM tools
· Must be able to successfully pass security background investigation and clearance as required
· Communicate effectively with both internal and external stakeholders/customers

Desired Technical Skills
  1. IDS/IPS
  2. Vulnerability Scanning, Monitoring and Prioritization
  3. End-Point Security
  4. TCP/IP, computer networking, routing and switching
  5. Firewall
  6. Securing Windows, UNIX and Linux operating systems
  7. Packet capture and analysis
  8. Event logging, monitoring and correlation
  9. Python, PERL, Bash, PowerShell or other relevant scripting languages
  10. Threat Hunting
  11. Security Information and Event Management (SIEM)
  12. E-mail filtering, web content filtering, whitelisting, DNS filtering
  13. Privileged access monitoring