What are the responsibilities and job description for the Senior Cyber Security Incident Response Engineer position at Elsevier?
Elsevier employs 9,200 people worldwide, including over 2,500 technologists. We have supported the work of our research and health partners for more than 140 years. Growing from our roots in publishing, we offer knowledge and valuable analytics that help our users make breakthroughs and drive societal progress.
About the role: You will be entrusted as the senior most technical member of incident response handler for our global information security organization
About the team: This global team supports the Information Security department’s goals and objectives by addressing escalations, and evaluation of technology controls providing key insight and research in new threats, exploits, and mitigation techniques
Key Responsibilities:
- Help improve the resilience and readiness of security protection and mitigation technologies and processes which ensure the confidentiality, integrity, and availability of the organization’s assets, information, data, and IT services in an efficient manner.
- Develop and execute security incident response plans, conduct cyber forensic investigations on physical endpoints and cloud platforms, independently lead the full life-cycle of incident response investigations of all reported security incidents.
- Develop comprehensive incident reports and investigation summaries. Develop and collect intelligence to proactively detect and identify high-confidence threats to the brand, service infrastructure and enterprise users and systems.
- Responsible for analyzing/validating security control requirements and tuning, defining the mitigation rules, scripting and performing changes or mitigating attacks, and assisting with troubleshooting support related to any issues which may arise from security detection or protection technologies.
- Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current security capabilities, as well as identifying any gaps or technical solutions to further enhance the team’s effectiveness.
- Lead analysis and review security events for anomalous activity, collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats.
Requirements
- Advanced knowledge of security of cloud agnostic infrastructure.
- Ability to conduct forensic and incident response investigations. Understanding of incident response and risk mitigation workflow and planning.
- Analysis of security events for anomalous activity. Identification of emerging security threats.
- Able to develop and implement security improvement and remediation programs.
- Vulnerability assessment, exploitation techniques, malware reverse engineering, threat analysis, and security threat and incident reporting.
- Investigation and navigation in Cloud and Web-based environments.
- Licensing/certification required (at least one of the following): CCFE, GCFE, CISSP, CISM, SANS, GIAC, ISACA, CSRIC (or related), ethical hacking/penetration tester certification, and/or security risk assessment certification
