Colorado Jobs

Job Information

Humana Incident Response Lead (remote virtual home office eligible) in Colorado Springs, Colorado

Description

The Incident Response Lead will be part of a dynamic enterprise team that leads hunting for and responding to cyber incidents stemming from internal and external threat actors. The Incident Response Lead shall provide Tier 3 services: the coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for cyber incidents.

Responsibilities

The Incident Response Lead (IRL) will be part of Humana's Cyber Incident Response team (CIR). CIR is the enterprise team responsible for detecting and responding to the most sophisticated cyber threats and attacks. The IRL will leverage a variety of tools and resources to proactively detect, investigate, and mitigate emerging and persistent threats impacting Humana networks, systems, and applications. In addition to their professional role, the IRL will be responsible for developing the Senior Incident Response Engineers (IREs), including training, mentoring, and personal development plans.

In addition to accountabilities listed above:

  • Maintain high professional level across the CIR's Senior Incident Response Engineers (IRE) working from multiple locations

  • Define the needed capabilities for the CIR and IREs

  • Create a training plan for existing and new IREs

  • Mentor (personally and professionally) the IREs

  • Incident Response and Forensics

  • Serve as escalation point for conducting investigations into security incidents involving advanced and sophisticated threat actors and TTPs

  • Perform forensic analysis of electronic assets, devices, and log sources

  • Manage incident response activities including scoping, communication, reporting, and long term remediation planning

  • Assist with post incident activities

  • Serve as a centralized point of communication and provide appropriate briefings to executive staff and other stakeholders as needed

  • Big Data analysis and reporting:

  • Utilize SIEM/Big Data to identify abnormal activity and extract meaningful insights

  • Research, develop, and enhance content within SIEM and other tools

  • Technologies and Automation:

  • Interface with engineering teams to design, test, and implement playbooks, orchestration workflows and automations

  • Research and test new technologies and platforms; develop recommendations and improvement plans

  • Improve efficiencies of Humana's incident response processes and methodologies.

Required Qualifications

  • Bachelor's or Master's degree in a technical field

  • Minimum 10 years of information security experience

  • Minimum 5 years of experience leading teams

Technical expertise in at least three of the following areas:

  • Windows disk and memory forensics

  • Cloud Operations and Engineering

  • Network Security Monitoring (NSM), network traffic analysis, and log analysis

  • Unix or Linux disk and memory forensics

  • Static and dynamic malware analysis

  • MITRE ATT&CK

  • Applied knowledge in at least one scripting or development language (such as Python)

  • Thorough understanding of enterprise security controls in Active Directory / Windows environments

Preferred Qualifications

  • Master's Degree in a Technical Field

  • Security Certification

  • Possess one cybersecurity certification, such as:

  • GIAC Certified Incident Handler (GCIH)

  • GIAC Certified Enterprise Defender (GCED)

  • GIAC Certified Forensic Analyst (GCFA)

Additional Information

  • Ability to leverage project management skills and tools to effectively budget, scope, and execute on strategic initiatives and goals

  • Ability to manage multiple projects and manage tight deadlines

  • Prior training and public speaking engagement experience

  • Ability to exercise emotional intelligence and situational awareness.

  • Strong interpersonal communication skills.

  • Ability to lead a team of highly technical security professionals

  • Ability to prepare and review customized contracts for security consulting services

  • Willingness to travel up to 10%

Scheduled Weekly Hours

40

DirectEmployers