Information Protection Advisor - United States, Hartford

Our client is looking for an information protection advisor to join their team.

The client information protection advisor for threat response engineering provides cyber security operations and incident response support focused on security orchestration, automation & response (SOAR) technology. The client information protection advisor drives data integration and automated response to improve the security posture, in accordance with best practices and industry standards, across the enterprise. The ideal candidate will have excellent analytical skills, a background in cyber security, and direct experience working in a SOAR platform. The candidate will be recognized internally as a subject matter expert who provides expert counsel on complex information protection assignments/projects. The role requires the ability to analyze complex information security issues, to recommend solutions to functional leaders and key stakeholders, and to identify and apply technical solutions.

Responsibilities:

- Function as an SME working as part of a team of dedicated engineers and security professionals.
- Leverage API functionality and integrations to target key areas for functional improvements to meet objectives.
- Assist in the development of well-defined use cases that map to areas that need to be addressed.
- Design integrations for multiple platforms and coordinate with technology and engineering teams and pertinent stakeholders to develop optimal solutions that meet customer requirements and exceed expectations.
- Develop information security and incident response workflows in line with best practices.
- Create playbooks for information security use cases, applying context to the incident lifecycle through event enrichment to include threat analytics and client and vulnerability data.
- Perform classification and mapping for incident types.
- Manage and configure jobs.
- Develop custom automation scripts and integrations.
- Document processes and lessons learned.
- Drive engagements to ensure peak time-to-value delivery.
- Identify key metrics that illustrate the current state of cyber security incidents and trends and coordinated response efforts to drive efficiency.
- Follow change management procedures.
- Define pre-processing rules and actions.
- Perform regression testing and secure development life-cycle practices.
- Assist in platform training and drive product adoption.

Qualifications:

- 1-2 years of experience working in a SOAR product and developing playbooks.
- High-level SOAR experience (especially XSOAR) is required.
- Experience as a security incident handler or incident responder.
- Understanding of the incident lifecycle and event triage and incident response processes and procedures.
- Experience with enterprise security products (e.g. SIEMs, FWs, sandboxes, vulnerability management) and familiarity with IT infrastructure.
- Knowledge of the emerging threat landscape and threat actor TTPs.
- Basic Linux system administration and troubleshooting experience.
- Ability to translate complex requirements to automation playbooks.
- Ability to prioritize tasks and work in an agile, fast-paced environment.
- Scripting experience, especially in Python or JavaScript, is preferred.

Education: A BA/BS in computer science, cyber security or related field is preferred.


Open Systems Technologies
Information Security Analysts
United States, Hartford, CT
2022-04-01
2022-04-30
1197835