Cyber Threat Situation Management Consultant - Incident Management

As a Cyber Threat Situation Management Consultant, you will perform incident management activity for security incidents from both internal and external sources. Participate in all phases of incident management, including incident response planning, preparation, program development, active response, threat mitigation, lessons learned, remediation, program maturation, and other post-incident activities. The incident management role interacts with internal and external parties at all levels of the organization and possessing varying levels of technical acumen. Must have robust incident response technical expertise, strong project management skills, and excellent verbal and written communication skills. Must be able to translate complex technical situations into instructions, action items, and statuses and be able to communicate them to any audience.

Responsibilities - Investigation team performing incident management, the candidate must:

• Lead and coordinate incident response/management functions.
• Perform incident commander functions for high severity incidents and pre-incidents.
• Develop post-incident after action, lessons learned, and recommendations documentation.
• Perform technical writing for security and response functions.
• Coordinate between disparate technical groups, business owners, executive leadership, compliance teams, legal teams, and vendors.
• Perform orchestration and automation of incident functions, workflows, playbooks, and metrics.
• Maintain Incident Management policies, standards, procedures, processes, playbooks, workflows, and service level agreements to combat new or evolving threats.

Required Skills and Qualifications - A candidate should meet the majority of the following:

• Bachelor's in business administration, Computer Science, Information Technology, Cybersecurity and Information Assurance, Project Management, or similar technical degree or equivalent job experience
• 10+ years work experience in DFIR, incident management, incident response, and/or cybersecurity.
• EnCE, GCFE, GCFA, GNFA, GDAT, GCIH, GREM, GLEG, GDSA, GCCC, CISA, CISM, PMP, or similar certifications.
• Strong self-starting ability, patience, and leadership skills.
• Effective communication skills and the ability to understand and translate cyber security threats from a technical perspective to business-level understanding and execution.
• Strong analytical and problem-solving skills and the ability to work with a diverse array of teams.
• Broad technical background involving cyber security, computer forensics, network forensics, log forensics, incident response, and/or incident management.
• A thorough understanding of attacker/malware tools, tactics, and procedures.
• Training, mentoring, leadership, and project management skills.

LOGISTICS:

• Contract role through end of the year with potential for extension and/or conversion to perm.
• Work remotely anywhere in Domestic US. Preferred locations Colorado or Georgia.
• COVID-19 Vaccine and Booster Required - OR must provide valid medical exemption from doctor in advance.
• Must be able to successfully pass a 12-panel drug screen, 10-year background check, employment verification.
• You will need to be a current US Citizen or valid Green Card holder. No need for visa now or in future. This role is not able to offer visa transfer or sponsorship now or in the future.
• W2 only - No sub vendors. Sponsorship NOT available.
• Must have direct contact information on resume (phone / email) to be considered.