Senior Cyber Incident Response Engineer

5 days ago

Apply Now

Receive Emails with Similar Jobs

BlueCross BlueShield of Tennessee

WebsiteLinkedInAll Job Openings

Health • Wellness • Fitness • Insurance • Customer Service

5001 - 10000

Description

• Establish and maintain strong working relationships with all teams required to support cyber incident response including other enabling areas of business. • Maintains rotating on-call availability for a 24x7x365 coverage. • Provides technical services needed for cyber incident response investigations including, containment, eradication and remediation activities. • Assists in determination of incident severity. • Assists in assessing scope of incident. • Responsible for maintaining documentation throughout a cyber incident. • Assist in the drafting of post-incident reports to senior leadership to convey impact, origin, root cause, and remediation. • Oversee or perform digital forensic services including, but not limited to, collection, documentation, preservation and analysis of incident evidence. • Mentor junior engineers in security knowledge and experience in technologies and methodologies as it relates to operating systems, firewalls, proxies, access controls, encryption, networking, programming/scripting, auditing, vulnerability assessments, intrusion management and operations management to assist the Threat and Vulnerability Management team with effective research, data gathering, analysis, metrics reporting and communications. • Provide guidance using specialized knowledge and toolsets to operational teams during enterprise-wide crisis scenarios, e.g. large-scale production service outages, outside of the routine change management process.

Requirements

• 5 years - Experience in related field required. • Comprehensive understanding of Security Methodologies • Detailed knowledge of Cyber Incident Response services • Comprehensive knowledge of firewalls, proxies, mail servers and web servers • Comprehensive knowledge of client/server relationships • Comprehensive knowledge of relational databases and structured query language • Comprehensive understanding of encryption algorithms and ciphers • Comprehensive knowledge of malicious code (worms, viruses, spyware, etc.) • Advanced experience in forensics and e-discovery • Advanced experience with event and log correlation • Advanced experience with Networking components (routers, switches, load balancers, wireless access points, etc.) • Advanced experience with intrusion management and its components