Full Time Job

Incident Response Lead

Turner

Burbank, CA 09-10-2020
  • Paid
  • Full Time
  • Senior (5-10 years) Experience
Job Description

The Job
You will operate as a lead incident responder as part of the organization's Counter Threat Unit (CTU).

The Daily
• First responder to investigate escalated security events
• For all incidents, act as the incident commander and/or lead investigator
• Coordinate activities of incident response team during a security incident.
• Responsible for incident planning, coordination and response activities for all of Warner Media
• Ensure incident identification, declaration, analysis, containment, recovery, communication, reporting and lessons learned
• Resident SME for all host forensic activities, including host analysis and memory forensics
• Resident expert for all network forensic activities, including network anomaly detection and pcap analysis
• Resident expert for all cloud forensic actives
• Resident expert on tactics, techniques and procedures utilized by threat actors to target enterprises
• Revise and develop incident response processes to strengthen Warner Media's ability to effectively respond to cyber threats targeting our organization.
• Oversee and assist with the development of new security detections to enable the SOC to detect new and emerging threats.
• Creation and maintenance of standardized communication templates and response procedures
• Co-ordination with stakeholders, build and maintain positive working relationships with them
• Effectively coordinate IR activities during an investigation.
• Expert knowledge in incident handling
• Actively participate in the analysis of potential security threats
• Provide leadership and support during security incidents and investigations
• Optimize the processes to respond and investigate detected attacks
• Responsible for the development of tabletop exercises

The Essentials
• 7-10 years of technical cybersecurity experience in Incident Response, Security Operations, Threat Intelligence, etc.
• Mastery of at least 7 of the following: SIEM, cloud environments, Host Forensics, Network Forensics, Malware Reversing, Intrusion Detection, Anomaly Detection, Threat Research
• Expert knowledge of Windows, OSX and or *nix operating systems
• Experience protecting large internet facing applications
• Ability to manage multiple priorities in a high-pressure environment.
• Expert knowledge of malware families and network attack vectors.
• Experience analyzing malware, identifying Indicators of Compromise (IOC) and TTPs of various threat actors through the analysis of email, malware, end-point, network, etc.
• Expert knowledge about Exploits, vulnerabilities, network attacks
• Able to convey complicated technical analysis to senior management via investigation synopses, graphical depictions of attacks, and comprehensive presentations
• Strong knowledge of cloud architecture and incident response.
• Strong knowledge of web applications and APIs
• Strong knowledge of CDNs
• Experience performing risk analysis of threats to large organization.
• Scripting (Perl, python, PowerShell, bash), RegEx and PCRE experience
• Strong English verbal and written communication skills
• Ability to multi-task and prioritize work effectively
• Highly motivated self-starter
• Responsive to challenging tasking
• Attention to detail
• Ability to document and explain technical details in a concise and understandable manner
• Strong sense of ownership and driven to manage tasks to completion
• Effective in collaboration with teams in remote locations

The Perks
• Paid time off every year to volunteer
• Access to well-being tools, resources, and freebies
• 2018 Best Company for Working Mothers
• 2018 Best Company for Dads
• An in-house learning and development team to help shape and grow your career
• Part of the WarnerMedia family of powerhouse brands

Location
Map
Advertisement
External Application Page

The application for this position is hosted at the Employer's site. Click on the button below to open the application page in a new tab in your browser.

Apply at Employer's Site