Logo
Centraprise

Cybersecurity - Cyber Intelligence & Incident Response Job at Centraprise in

Centraprise, Grand Central, NY, US


Role: Cybersecurity - Cyber Intelligence & Incident Response Duration: 6 months Location: Long Island, NY, US (Day 1 Onsite) Responds to and remediates email, endpoint, threat intelligence, and network-based threats; provides forensic investigation and support. Provides after-hours support as needed for response activities. Collaborates with cross divisional and Cybersecurity teams to continuously improve security capabilities and response to threats in the most efficient and effective manner. Assists with projects to implement advanced technologies to prevent & identify malicious behavior within cloud environments, networks, endpoints, and email technologies. Operates products such as SIEM, SOAR, threat intelligence platforms, advanced email protection, EDR, cloud security products, IDS/IPS, Zero Trust tooling, and other security technologies. Implements and performs threat analysis utilizing industry standard frameworks (kill chain/diamond model) and techniques. Proposes and helps review security plans and policies to improve environmental security. Maintains and produces metrics, operational playbooks, process diagrams and documentation for the Cybersecurity program. Produces and distributes operational and tactical threat intelligence reports. Other duties may be assigned as needed to address new security threats facing the enterprise. Emerging Threats MonitoringObtains information and stays up to date on the latest threats and security trends in a fast and efficient way to keep enterprise environments protected. | Incident Management Assists in the investigation and resolution of security events and incidents. Ability to: Demonstrate great teamwork and partnership with internal teams for resolution of security-based issues. Perform security event correlation, triage, and analysis. Apply security Threat Intelligence while responding to and investigating security events or Incidents. Identify when an application, network, system, or user has been compromised by an internal or external threat. Work on multiple projects to improve security capabilities. Exercise strong understanding of defense-in-depth security best practices. Apply security engineering and architecture concepts to best understand how to employ the most effective security monitoring, response, and threat reporting. Demonstrate effective communication of security issues and topics to management and others. Work well under pressure and within a high paced environment. Maintain operational guidelines and standards for Cybersecurity. Focus on Customers: Promoting and living customer service as a value. Ensuring that the (internal or external) customer's needs are a driving force behind priorities, decisions, processes, and activities. Drive Results: Setting high standards of performance for self and others; assuming responsibility and sense of urgency for successfully completing assignments or tasks; self-imposing standards of excellence rather than having standards imposed. Develop Self and/or Others: Planning and supporting the development of knowledge, skills, and abilities to fulfil current or future job responsibilities more effectively. Champion Change: Actively engaging and supporting change and innovation by communicating the future-state, trying new approaches, and collaborating with others to make the change successful. Value Others: Gaining other people's trust by "doing the right thing", demonstrating openness and honesty, behaving consistently, supporting an inclusive work environment, and acting in accordance with legal, moral, ethical, professional, and organizational guidelines in support of our Values. Build Relationships: Building, leveraging, and maintaining relationships within and across work groups. Knowledge, Experience & Qualifications Working experience in a Threat Intelligence and Incident Response capacity. Working experience with industry standard security technologies and services such as Firewalls, VPNs, IDS/IPS, SASE, EDR, Proxy, SIEM, XDR, SOAR. Strong forensic experience and problem-solving ability. Knowledge of different cloud architectures, environments, and offerings. | Nice to have GSEC, GCIA, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s) Bachelor's degree in Computer Science degree or related field or equivalent combination of industry related professional experience and education Network / System Administration experience / background | | | | Specializations Incident Response, Threat Intelligence General skills Nice to have "Threat Intelligence" and "Incident Response" and ("IDS/IPS" or IDS or IPS) and forensic