Job Description

TCI has an immediate need for a mid-level Incident Response (IR) Lead in Melbourne, FL. This is not a Corp2Corp opportunity. This is a contract-to-hire opportunity. In addition to competitive, market-rate based pay, TCI provides all our Consultants with Comprehensive Medical/Dental Insurance, 401k, Life Insurance and Long-Term Disability benefits.
**Requires current Public Trust Security Clearance or ability to obtain one prior to start**
The Incident Response Lead will join the Security Operations Team. This is a Level 3 Information Technology Security (IT Security) position that is staffed in the Security Operations Control Center (SOCC).
  • Responsible for Tier II security incident investigation and reporting.
  • Manages SIEM front-end including workflow management, threat hunting assignments, threat intelligence ingests, rule/alert creation and maintenance, and can identify when an event is not parsed correctly.
  • Completes monthly metrics collection and analysis of IR team effectiveness.
  • Provides subject matter expertise, on-the-job training, and training materials for junior incident response analysts.
  • Serves as IR escalation point of contact between Tier I and III.
  • Reviews, updates, and maintains the SOCC’s IR Plan.
  • Provides on-call support when escalation is required or as required by customer.
  • Maintains currency with threat intelligence and latest vulnerabilities "in-the-wild".
  • Customizes IR monitoring strategies to improve detection capabilities and reduce time to detection.
  • Conducts security exercises to test SOCC readiness and capability.
  • Polls IR team for on-the-job knowledge and develops impromptu/informal training sessions to ensure entire team is trained and ready to perform.
  • Bachelor’s Degree in Computer Science, Information Technology/Computer Information Systems, or related field with Cyber/Information Security.
  • 7+ years of information technology experience OR 10 years without a degree.
  • 4+ years of incident response experience.
  • Thorough understanding of system logs, log analysis, and packet analysis.
  • Functional knowledge of Cisco routers and switches and CLI configurations.
  • In-depth knowledge of SIEM functions: threat hunting, correlation of events, dashboard creation, metrics development, and creating alerts based on threat intelligence and IOCs.
  • Experience in a Team Lead capacity.
  • Thorough understanding of 2nd and 3rd order vulnerability mitigations beyond system patching cycles.
  • Ability to prioritize vulnerability mitigation efforts based on risk assessments.
  • Must possess a current Public Trust Security Clearance or have the ability to obtain one prior to start.
  • Security+ Certification

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online