Incident Response Team Member

Interview Mode: Initial video potential inperson. Looking for local candidates in NY/NJ only.

Title: Incident Response Team Member

Rate: $60/hr on c2c

Visa: No H1b CPT L2 and TN

Client: Confiential

Location: Initial start 4 days a week for training and then will go to 3 days hybrid model in midtown NYC 10019

Consultant role will be responsible for responding and managing endtoend Security Incident Management Lifecycle: Incident Identification Triage Containment Eradication Recovery and Lesson Learnt. The consultant will be technical point of contact to respond and drive the security incidents response in the region as part of the global FTS model. Consultant has a wide spectrum of responsibilities and will be responsible for following activities (but not limited to) in daytoday work:

• Identifying and detecting Incidents and taking immediate action on security incidents including (and not limited to) DoS attacks malware attacks phishing attacks web attacks;
• End to end ownership in driving and leading Security Incident Response and Resolution activities;
• Participate and support performing forensics investigations as required to respond to the Security Incidents;
• Responding to Security Threats and Intelligence alerts & notifications from Group CERT Regional Regulators and authorized Threat Intelligence groups and ensuring appropriate preventive and detective actions are coordinated and deployed in liaison with IT Operations teams as per the defined approach and in timely manner;
• Owning end to end coordination communications and deployment of action plans for Threat Advisories or lesson learnt from Security Incidents;
• Prepare detailed Incident Postmortem report and Executive Summary to document the Security Incident chronology root cause remediation and lesson learnt;
• Creating and updating the incident response plan (IRP) and playbooks and ensuring periodical review of playbooks to ensure the relevancy of response actions in current context including updated information of all stakeholders involved;
• Collaborate with other Geos CSIRT team members on security matters and act as a backup to manage security incident and other security activities in scope as needed;
• Periodic review of security measures of Networks (Switches. Routers Firewall IPS etc.) In addition Systems (Win**NIX etc.) in support of management of vulnerabilities;
• Support and integrate with incident response threat intelligence and overall security strategy as needed;
• Complete all mandatory trainings as required to attain and maintain competence;
• Comply with all applicable legal regulatory and internal Compliance requirements including but not limited to the Compliance manual and Compliance policies and procedures as issued from time to time; Financial Security requirements including but not limited to the prevention of Financial Crime and Fraud including reporting obligations to the Money Laundering Reporting Officer zone wide.
• Support and run annual tabletop incidents exercise with management.
• Vulnerability management: Ensure vulnerability remediation process is known followed and at the expected level of performance
• In case of severe security incident (suspected or effective attack): Coordination of investigation mitigation and remediation operation in relation with IT operation and application teams.