Robert Half Technology Manager of Incident Response Digital Forensics in Orlando, Florida
The Manager of Incident Response Digital Forensics will oversee Incident Response Forensics projects, ensuring a client-centric approach to all engagements is established and well-communicated. This role is critical to the success of the company, as it will manage the local and remote teams, make key operational engagement decisions, and maintain morale among all involved.
Responsibilities:
Manager will lead client projects and ensure all aspects of the client engagements are being managed and delivered with quality and speed
Manage teams of Senior Incident Response Consultants and Associate Consultants
Manage the full life-cycle of incident response engagements including: scoping work; guiding clients through the Incident Response process; containing security incidents involving sophisticated APT-level actors; providing guidance on longer term remediation recommendations; and managing both short-term and long-term containment and remediation
Ensure the team is responding to data breaches and security incidents leveraging security tools including: system forensics tools such as EnCase, Axiom, FTK Imager, X-Ways, SIFT; data analytics tools including Splunk, ELK Stack; security tools including ArcSight, AlienVault, NetWitness, Fidelis, FireEye, RedSeal, SkyBox, Cylance, Suricata, SolarWinds, Palo Alto, Cisco switches, routers and security appliances; as well as commercial, open source and custom proprietary investigation tools to determine the source of compromises and malicious activity that occurred in client environments
Conduct security gap analysis assessments, penetration testing / red-team assessments, and vulnerability assessments to identify security vulnerabilities and issues in client environments
Conduct compliance audits and assessments for Sarbanes Oxley, PCI, ISO 27001, NIST 800-171, HIPAA/HITECH, GDPR and others as required
Provide written and verbal reports and presentations to clients from a 'C' executive to a junior system administrator
Act as the primary technical leader for an engagement
Provide and update documentation including procedures and training for staff
Mentor the team, especially the more "junior" level incident response consultants, in incident response and forensics
Provide SME level Security Architect oversight to an engagement
Provide CERT and SOC leadership for internal teams as well as client teams
If you are interested please send your resume to Ben.Drogalis@rht.com
Technology doesn't change the world. People do.
As a technology staffing firm, we can't think of a more fitting mantra. We're extreme believers in technology and the incredible things it can do. But we know that behind every smart piece of software, every powerful processor, and every brilliant line of code is an even more brilliant person.
Leader among IT staffing agencies
The intersection of technology and people — it's where we live. Backed by more than 65 years of experience, Robert Half Technology is a leader among IT staffing agencies. Whether you're looking to hire experienced technology talent or find the best technology jobs, we are your IT expert to call.
We understand not only the art of matching people, but also the science of technology. We use a proprietary matching tool that helps our staffing professionals connect just the right person to just the right job. And our network of industry connections and strategic partners remains unmatched.
Apply for this job now or contact our branch office at 888.674.2094 to learn more about this position.
All applicants applying for U.S. job openings must be authorized to work in the United States. All applicants applying for Canadian job openings must be authorized to work in Canada.
© 2018 Robert Half Technology. An Equal Opportunity Employer M/F/Disability/Veterans.
Req ID: 01030-9501195702
Functional Role: Project Leader/Manager
Postal Code: 32801
Bachelor's degree in Computer Science, Computer Engineering, Information Assurance, Forensic Sciences, or a related technical field
Minimum 10+ years of experience including extensive experience in large enterprises
Minimum 7+ years of CERT or SOC experience, including experience in large enterprises
Minimum 3+ years of audit or assessment experience with PCI, ISO 27001, NIST, and/or HIPAA
Minimum 3+ years of Forensics experience leading forensic engagements
Minimum 3+ years of Network and System Administration experience at a SME level, including experience in Fortune 100 corporations
Proven experience managing people, leading teams, and training
Proven experience evaluating and providing gap analysis and security recommendations for large enterprises
Proven track record working in Incident Response in Fortune 100 environments, with commensurate leadership experience
Proven experience with ArcSight, AlienVault, ELK Stack, Splunk, Fidelis, Cylance, EnCase, FTK, X-Ways, SIFT, Redline, Volatility, Wireshark, tcpdump, Firewalls, Routers, Switches, IDS/IPS (host and network), APT detection and mitigation tools, deception tools, audit and assessment tools, Metasploit, Nessus, Rapid7, Core Impact, and many other commercial and open source security tools
Must be eligible to work in the US without sponsorship
Pass drug screening + background check
Additional Qualifications:
Willingness to travel up to 50%
Willingness to travel internationally including the Middle East
Current CISSP certification
Minimum 3+ years of CISO or CSO level experience
Very strong Cisco CCNP level networking expertise
Very strong Microsoft MCSE level administration expertise
Ability to successfully interface with both internal and external clients, C-Suite, Legal Counsel
Ability to document and explain technical details in a concise, understandable manner
Ability to manage and balance own time among multiple tasks
Ability to multitask while in an extremely chaotic environment that moves at a rapid pace while providing SME level technical and programmatic leadership and managing customer expectations
Eligibility for Top Secret Security Clearance is a plus