What you’ll be doing...
As a member of Verizon’s Threat Management Center Incident Response Team (TMC – IRT), the incident handler will coordinate the response activities for cyber security incidents across the Global company environment. The successful candidate will focus on reviewing, triaging, analyzing, and remediating cyber security incidents. The Incident Handler is the escalation point for Threat Monitoring analysts, and as such, will handle validated cyber security incidents, in accordance with the cyber security incident response process. The successful candidate will perform functions such as log analysis, conduct in-depth technical analysis of network traffic and endpoint systems, enrich data using multiple sources, and will be responsible for rapid handling and mitigation of cyber security incidents.
The candidate will join a team of event analysts and incident responders, and will have an opportunity to participate in a number of Global cyber security initiatives. Successful candidates should be familiar with incident response processes, network investigative techniques, network intrusion patterns, malware analysis, and cyber security trends and issues. Sr. Incident Response handlers are considered thought leaders, should be willing to mentor and advise others, and will drive the operational and strategic growth of the organization.
· Acts as Incident Commander for high impact cyber breaches and advanced attacks in accordance with Cyber Kill Chain methodology and incident response process.
· Understand Incident Response processes and participate in analysis, containment, and eradication of cyber security events and incidents.
· Conducts malware analysis and identification of Indicators of Compromise (IOCs) to evaluate incident scope and associated impact
· Utilize analytic experience to address cyber-attacks and mitigate indicators and correlations to identify attribution and potential threat and impact to Verizon.
· Enhance workflow and processes driving incident response and mitigation efforts
· Executes the Incident Response Lifecycle to drive threat remediation and identify strategic countermeasures improving future defenses
· Expert leverage of Forensics techniques, tools, and capabilities to support Cyber Incident Response activities
· Perform analysis of logs from various security controls, including, but not limited to, firewall, proxy, host intrusion prevention systems, endpoint security, application and system logs, to identify possible threats to network security.
· Provide leadership and guidance to advance the defensive capabilities of the Threat Management Center (TMC) and its subsequent ability to defend the Verizon Enterprise
· Writes technical articles for knowledge sharing
· Collaborate with Threat Monitoring event handlers and to improve prevention and detection methods.
What we’re looking for...
· Bachelor’s degree or six or more years of work experience
· Six or more years of relevant work experience
· Experience working Incident Response processes network investigative techniques, network intrusion patterns, malware analysis, and cyber security trends
Ideally, you’ll also have:
· Experience executing various Incident Response Frameworks and Handling Procedures
· Previous experience with malware reverse engineering
· Previous experience in Cyber Intelligence or related disciplines
· Previous experience with Cyber Kill Chain and diamond model methodology
· Understanding of Networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture
· Proficient in understanding Operating Systems and their architectures: Windows, Unix/Linux, and OSX Operating Systems
· Demonstrates leadership and mentoring skills to help advance the overall capabilities of the TMC organization.
· Strong communication, presentation, and leadership skills along with the ability to work in a highly collaborative environment
· Strong relationship skills and collaborative style to enable success across multiple partners.
· Manages multiple priorities in a high pressure environment
· Related Certification (Security+, CISSP, GCIH, GCFA, GCFE, GREM) a plus
· Ability to comply with any regulatory requirements
When you join Verizon...
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We're proud to be an equal opportunity employer- and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.