Zen Strategics Llc

Incident Response and Security Operations Lead

Zen Strategics Llc, Washington, District of Columbia, us, 20022



Incident Response and Security Operations Lead
WFH Flexible • Washington, DC

Description

About Zen:
Own your opportunity to work with a client-focused, agile small business. Make an impact by advancing the government organizations charged with keeping our country safe, prosperous, and secure. Zen Strategics, LLC is a cleared, minority-owned SBA 8(a) specialized consulting firm offering Cybersecurity, Cloud Migration, and Information Technology Modernization services. We are committed to delivering innovative solutions and ensuring the highest standards of security for our customers' digital assets, staying ahead of evolving cyber threats and protecting our clients' data with current technologies and proactive security measures.

Position Description:
Seize your opportunity to make a personal impact as an Incident Response and Security Operations Lead. Zen is your place to make meaningful contributions to challenging projects and grow a rewarding career. As the Incident Response and Security Operations Lead, you will be responsible for the security of our client's Enterprise Security Operations Center. This position is a key member of our client delivery team and requires a leader who owns incident response, the security operations team, and SLA and ticket management.

Responsibilities:
- Serve as Zen's lead and subject-matter expert, communicating effectively with government personnel and maintaining the contractor management interface with the CISO and leadership.
- Oversee and coordinate responses to security incidents, managing all phases from detection to recovery.
- Develop and refine incident response policies, procedures, and playbooks to ensure efficient handling of incidents.
- Supervise daily security operations, including monitoring and analyzing security events and alerts.
- Lead and mentor a team of security analysts and incident responders, providing guidance to enhance their performance and skills.
- Establish Security Operations performance goals and priorities and conduct performance reviews.
- Collaborate with IT, network, and other business units to identify and address security vulnerabilities and risks.
- Analyze emerging threats and vulnerabilities and develop mitigation strategies.
- Prepare detailed incident reports and documentation, including root cause analysis and lessons learned, for presentation to senior management.
- Continuously evaluate and improve security tools, technologies, and processes to enhance the organization's incident response capabilities and overall security posture.
- Ensure compliance with relevant regulations, standards, and best practices while staying current with industry trends and threat intelligence.

What You'll Need to Succeed:

Experience:
- 10+ years of experience in systems/infrastructure security monitoring and response across a variety of technologies (e.g., databases, networks, storage, servers, directories).
- At least five (5) years of experience in network intrusion analysis, packet analysis, and/or warning intelligence support (planning, execution, and assessment of threats).
- Demonstrable history of successfully leading an incident response team in an enterprise environment.

Education:
- Bachelor of Science in an Information Technology or Cybersecurity field preferred.

Certification:
- Active, in-good-standing professional certification(s) in several of the following are highly recommended: CISSP, CISM, CEH, GCIH, GCFA, CASP+, CISA, AWS, Splunk, and Palo Alto.

Skills and Knowledge:
- Strong technical understanding of Office 365 and Windows Server.
- Experience with operational toolsets including, but not limited to: Azure Security Center, ForeScout, Microsoft Defender products, Microsoft Sentinel, RSA Archer, Forcepoint, Gigamon, Splunk, Tenable Nessus, Palo Alto, Azure Active Directory, Cisco routers and switches, Cisco ASA and NGFW platforms, Cisco ISE, Akamai, and F5.
- Experience with all relevant OMB Memorandums, NIST Special Publications, FITARA, and standard best-practice and federal guidance related to cybersecurity and infrastructure compliance.
- Strong ability to follow policies and procedures; strong analytical and problem-solving skills.
- Ability to define and track success measures to ensure alignment with intended outcomes.
- Excellent communication skills and attention to detail.
