Full Time Job

Incident Response Lead


Burbank, CA 11-04-2020
  • Paid
  • Full Time
  • Senior (5-10 years) Experience
Job Description

The Job
You will operate as a lead incident responder as part of the organization's Counter Threat Unit (CTU).

The Daily
• First responder to investigate escalated security events
• For all incidents, act as the incident commander and/or lead investigator
• Coordinate activities of incident response team during a security incident.
• Responsible for incident planning, coordination and response activities for all of Warner Media
• Ensure incident identification, declaration, analysis, containment, recovery, communication, reporting and lessons learned
• Resident SME for all host forensic activities, including host analysis and memory forensics
• Resident expert for all network forensic activities, including network anomaly detection and pcap analysis
• Resident expert for all cloud forensic activities
• Resident expert on tactics, techniques and procedures utilized by threat actors to target enterprises
• Revise and develop incident response processes to strengthen Warner Media's ability to effectively respond to cyber threats targeting our organization.
• Oversee and assist with the development of new security detections to enable the SOC to detect new and emerging threats.
• Creation and maintenance of standardized communication templates and response procedures
• Coordinate with stakeholders and build and maintain positive working relationships with them
• Effectively coordinate IR activities during an investigation.
• Expert knowledge in incident handling
• Actively participate in the analysis of potential security threats
• Provide leadership and support during security incidents and investigations
• Optimize the processes to respond and investigate detected attacks
• Responsible for the development of tabletop exercises

The Essentials
• 7-10 years of technical cybersecurity experience in Incident Response, Security Operations, Threat Intelligence, etc.
• Mastery of at least 7 of the following: SIEM, cloud environments, Host Forensics, Network Forensics, Malware Reversing, Intrusion Detection, Anomaly Detection, Threat Research
• Expert knowledge of Windows, OSX and/or *nix operating systems
• Experience protecting large internet facing applications
• Ability to manage multiple priorities in a high-pressure environment.
• Expert knowledge of malware families and network attack vectors.
• Experience analyzing malware, identifying Indicators of Compromise (IOC) and TTPs of various threat actors through the analysis of email, malware, end-point, network, etc.
• Expert knowledge about Exploits, vulnerabilities, network attacks
• Able to convey complicated technical analysis to senior management via investigation synopses, graphical depictions of attacks, and comprehensive presentations
• Strong knowledge of cloud architecture and incident response.
• Strong knowledge of web applications and APIs
• Strong knowledge of CDNs
• Experience performing risk analysis of threats to large organizations.
• Scripting (Perl, python, PowerShell, bash), RegEx and PCRE experience
• Strong English verbal and written communication skills
• Ability to multi-task and prioritize work effectively
• Highly motivated self-starter
• Responsive to challenging tasks
• Attention to detail
• Ability to document and explain technical details in a concise and understandable manner
• Strong sense of ownership and driven to manage tasks to completion
• Effective in collaboration with teams in remote locations

The Perks
• Paid time off every year to volunteer
• Access to well-being tools, resources, and freebies
• 2018 Best Company for Working Mothers
• 2018 Best Company for Dads
• An in-house learning and development team to help shape and grow your career
• Part of the WarnerMedia family of powerhouse brands