SSUSA Job #779: Security Monitoring & Incident Response Specialist

Job Description







·         Monitor for threats and vulnerabilities through a combination of automated and manual processes and respond accordingly. As a continuous feedback loop, incorporate learnings into additional preventive and detective controls


·         Research and develop risk mitigating approaches and drive response and remediation


·         Expand the usage of security monitoring tools to improve the security of the environment, including detection, prevention and policy enforcement; Define security configuration for monitoring tools, including alerts, correlation rules, and reporting. Leverage a combination of vendor products and services, open source and custom developed utilities


·         Serve as a subject matter expert for security monitoring and incident response related knowledge domain and tools


·         Stay abreast of the latest information security controls, practices, techniques and capabilities in the marketplace; Lead internal skills development activities for information security personnel on the topic of security monitoring and incident response, by providing mentoring and by conducting knowledge sharing sessions


·         Perform all phases of incident response life cycle: analysis, containment, eradication, remediation, recovery; Conduct forensics (e.g. host based disk and memory, as well as network) and analysis to determine root cause and impact




·         Minimum five years security monitoring experience and incident response activities; preferably within a professional services firm or similar environment


·         Bachelor’s degree from an accredited college or university


·         Experience in security monitoring, security operations, and incident response activities; Experience defining security monitoring rules, monitoring events, assessing risk, responding to incidents and providing security oversight related to the security features of IT tools supported by the IT operations teams; Strong trouble-shooting and organizational skills and ability to work on multiple projects simultaneously


·         Understanding of network and system intrusion and detection methods; Examples of related technologies include Splunk, Next Generation Endpoint Protection Platforms (EPP), Security information and event management (SIEM), hacking tools techniques and procedures


·         Experience with malware analysis, endpoint lateral movement detection methodologies and host forensic tools; Understanding of network protocol analysis







Job Location
New York City/New Jersey

Position Type