Infrastructure Technology Manager (Cyber Security)

A highly motivated Infrastructure Technology Manager is primarily responsible for the enablement of our customers using Cyber technology and participate in information security activities on strategic accounts. As a Sibersek consultant you will represent the company to the client, cultivate the climate of teamwork and instill customer confidence in their defense of their networks against advanced, targeted attacks.

Responsibilities:

Work with high a profile customer account on product related consulting services

Provide deployment and configuration for suite of products like Carbon black, Splunk etc

Integrate and automate security Solution with other security products in the customer's network

Trusted advisor for the customer in matters concerning service delivery and ongoing projects

Lead client and engagement teams in successful delivery of our Managed Defense solutions, exchange threat intelligence with customers and internal teams, and briefing existing clients potential clients, and external groups on security threats and incident response

Lead security incident response and leverage product knowledge to guide customers

Articulate complex information on security threats and incident response to internal and external groups across varied levels of technical understanding

Lead efforts in expanding and improving the development of processes, methodologies, and client communication methods for advanced persistent threat detection, threat intelligence, incident response, and vulnerability analysis

Effectively communicate investigative findings and strategy to client stakeholders, technical staff, executive leadership, and legal counsel.

Responsible for building relationships with internal business units to identify innovative solutions to enhance service delivery.

Develop custom reports and other custom configurations / use cases for products within the customer’s environment

Walk customers through Sibersek suite of security response information with the capability to understand and locate the indicators of compromise

Help determine the extent of a compromise including attributes of any malware and identification of data that was possibly ex-filtrated

Ensure the health and welfare of the customer infrastructure as it pertains to the products and dependencies with other products.

Maintain current knowledge of tools and best-practices in advanced persistent threats; including tools, techniques, and procedures (TTPs) of attackers and for forensics and incident response.

Qualifications

Bachelor's degree in a technical discipline (or equivalent work experience)

5+ years’ experience in network security appliance deployment and architectures.

5+ years of technical delivery, service delivery, client management, and/or managed services experience

5 years of Information security, SOC, incident response or similar cyber experience

Experience with critical tools used in incident response, computer forensics, malware analysis, network or host-based intrusion detection, proactive services, remediation, vulnerability testing

Strong knowledge of enterprise detection technologies and processes including Advanced Threat Detection tools, IDS/IPS, Network Packet Analysis, and Endpoint Protection

Fundamental understanding in network and security protocols and operating systems (Windows, Unix, Linux)

Understanding of current information security challenges and solutions

Evaluating customer needs, coordinate design for a solution, and clearly communicate solutions

Delivering succinct and fact-based communications, both verbally and in writing

Experience in collecting, analyzing, and escalating security events; responding to computer security incidents, and/or collecting, analyzing, and disseminating cyber threat intelligence

SOC Consulting experience with the SIEM product line

Experience with scripting languages such as PowerShell or Python.

Understanding of Network Protocols and security infrastructure (proxies, email filtering technologies, and network intrusion detection systems)

Current knowledge of security threats, solutions, security tools and network technologies.

Able to build strong client relationships and be able to interact effectively at all levels of client organization

Experience conducting analysis of electronic media, packet captures, log data, and network devices in support of intrusion analysis or enterprise-level information security operations

Excellent knowledge of security solutions and technologies, including: Linux based tools, network and endpoint solution architecture/implementation/configuration

System administration experience with enterprise email systems, highly desired

Experience and knowledge of packet flow/TCP/UDP traffic, firewall, SSCM, and other agent push and distribution technologies

Excellent communication and presentation skills, with the ability to present to a variety of internal and external audiences, including the ability to comfortably interact with senior executives

Ability to set and manage expectations with senior stake-holders and team members

Experience with security products, highly desired

Incident response, malware analysis and investigation experience

Experience in an analytical role such as network forensics analyst, Threat Analyst or security engineer/ consultant