SOC Incident Remediation Consultant
Do you want to join a world-leading security organisation? Do you understand the operational security controls needed to detect, remediate, and prevent compromises? Reporting to the Global Head of IR Remediation, this role is responsible for managing IR remediation engagements across Australia. To be a success in this role, you must be comfortable leading teams on challenging projects and working on site with clients, both with senior stakeholders and in providing hands-on assistance with containment and remediation activities.
Responsibilities: Manage Incident Response containment and remediation at clients; Provide project management and governance for large-scale remediation engagements, consisting of multiple workstreams and resource assignments; Create and document detailed remediation guides and tracking documents; Design and assist clients with network architecture enhancements and configuration modifications; Recommend and document specific counter-measures and mitigation controls; Work with our sales team and clients to scope engagements, draft contracts, and deliver services; Effectively communicate remediation strategies and workstreams to client stakeholders including technical staff, exec leadership, and legal counsel; Assist with scoping prospective engagements, participating in engagements from kickoff through full remediation.
To be a fit for this role you must have the following experience: Bachelor's or Master's degree in a technical field; Minimum 8 years of information security experience; Minimum 5 years of management experience; At least 5 years of experience selling, scoping and leading security consulting offerings such as incident response, penetration testing, or enterprise security strategy engagements; Experience interfacing with C-level personnel (internal and external) and board members; Ability to leverage project management skills to effectively budget, scope, and execute engagements; Ability to manage multiple projects and manage tight deadlines; Prior training and public speaking engagement experience; Ability to lead a team of highly technical security professionals.
You must also possess tech expertise in 3 of the following: Lead Unix System admin or network engineer in an enterprise; Thorough understanding of enterprise security controls in AD; Windows and Unix endpoint hardening and control enforcement; Expertise in enforcing application whitelisting and host-based restriction; Understanding of enterprise networking and network segmentation strategies; Implementing logging configs for network devices, Windows and Unix endpoints; PowerShell and other scripting languages.
This role will work with large enterprise and government agencies and therefore Australian citizens who can gain NV1 clearance are preferred.
This role is interviewing now, so please send your CV to Matt on mdunhamdecipherbureau.com without delay.