BethlehemRecruiter Since 2001

Cybersecurity Operation & Incident Response Lead

Company: Minerals Technologies Inc.
Location: Bethlehem
Posted on: February 20, 2021

Job Description:

We currently have an exciting opportunity for a Cybersecurity Operation & Incident Response Lead at our Bethlehem, PA location. This role is highly technical: as the day-to-day oversight and escalation point for the Security Operations Center (SOC) [currently outsourced], it requires a holistic depth of knowledge across the security technology tool stack as well as hands-on keyboard experience and the ability to work collaboratively across the organization.

Primary Duties & Responsibilities

  • Keep abreast of industry trends and current emerging risks.
  • Assess scope and severity of escalated alerts and effectively communicate to Cyber Security Manager.
  • Serve as escalation point to provide thorough analysis of risks, vulnerabilities, and security incidents.
  • Lead response to IR activities across multiple internal teams, including infrastructure, network, endpoint, Managed SOC, incident response; enforce incident response SLAs.
  • Investigate security events forwarded from Level I & II Analysts and client for security risk.
  • Serve as Security Incident Response Team Lead (when necessary).
  • Conduct detailed security event analysis from network traffic attributes and host-based attributes (binary analysis, etc.) to identify information security incidents.
  • Proactively search for and respond to security events and incidents from SIEM, Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Network Access Control (NAC) and other client data sources.
  • Review lessons learned from previous incidents.
  • Coordinate with Cyber Threat Intelligence and Vulnerability Assessment teams to assess real-world risk.
  • Keep up-to-date on ongoing threat risk trends as well as common advanced persistent threats (APTs) actors.
  • Identify strategic and operational SOC improvements and communicate those effectively to management.
  • Collect and analyze SOC metrics as well as coordinate feedback with Cyber Security Manager.
  • Develop best practices around investigations and incident response.
  • Develop and adjust SIEM rules and analyst response procedures.
  • Document actions in cases to effectively communicate information internally and to Managed SOC.
  • Provide documentation and project support.
  • Perform system maintenance and maintain current documentation.
  • Provide resolution plans for system and network issues.
  • Respond to inbound requests via phone and other electronic means for technical assistance.
  • Responsible for other duties as assigned.
  • Actively participate in the implementation of sustainable improvement processes, such as 5S, Kaizen, Total Productive Maintenance (TPM), Daily Management Control, Standard Work and Problem Solving.

Other Related Duties

  1. Participates in the Operation Excellence Program as outlined by the Company.
  2. Other duties and special projects as assigned.

Note: Management reserves the right to assign or reassign duties and responsibilities to this job at any time.

The requirements listed in the sections that follow are representative of the knowledge, skills and/or abilities required to perform the duties of this job. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions (primary duties) of the job.

Education: Bachelor's Degree in computer science, computer engineering, or information systems with emphasis on IT/Information/Cyber-security preferred.

Experience: Minimum of 5+ years of experience in information services with 5 years of demonstrable and progressive experience operating in the incident response and handling domains. Requires in-depth understanding of Information Security practices for network, servers, databases, applications, and advanced use of incident response and handling techniques.

Skills and attributes for success include the following:
  • Personal and Operational Leadership to lead a highly technical team.
  • Information Security Principles, Technologies, and Practices.
  • Proven experience with multiple security event detection platforms.
  • Expert understanding of TCP/IP networking skills to perform network analysis to isolate and diagnose.
  • Expert understanding of IDS/IPS rules to identify and/or prevent malicious activity.
  • Excellent written and verbal communication skills required. Must be able to communicate technical details clearly.
  • Integrity in a professional environment.

Minimum of 5 years of experience in one or more of the following:
  • Working in a Security Monitoring/Security Operations Center (SOC) environment.
  • Experience investigating security events, threats and/or vulnerabilities.
  • Experience leading and directing security incident response.
  • Experience with a variety of operating systems including Windows, Linux or UNIX in a functional capacity.
  • Understanding of electronic investigation and log correlation.
  • Proficiency with the latest intrusion detection platforms; working knowledge of Linux and/or Windows systems administration (including AD).
  • Understanding of well-known protocols and services, e.g., FTP, HTTP, SSH, SMB, DAP.
  • Understanding of routing principles and networking fundamentals; packet analysis tools (tcpdump, Wireshark, ngrep).
  • Scripting or programming (shell scripting, Python, PowerShell, Perl, Java, etc.).

Should have a detailed understanding of the technologies below:
  • Desired skill: previous leadership experience as a team lead or supervisor.
  • Experience working with SIEM [QRadar], Antivirus [McAfee], Endpoint Detection and Response (EDR) [McAfee, Carbon Black, and Crowdstrike], log aggregators, and incident response management solutions.
  • Experience managing standards, developing Security Operations processes, reporting and dashboards.
  • Automation experience on Phantom, Demisto, or other SOAR tools.
  • Forensic experience (1-2 years), especially around in-memory attacks.
  • Reverse malware engineering experience (1-2 years).
  • AWS, Azure and Google Cloud Platform (GCP).

Certifications (Desirable)
  -- SANS/GCIH OR
  -- CISM (Certified Information Security Manager) OR
  -- Certified Information Systems Security Professional (CISSP) OR
  -- CompTIA Security+
  -- Other related certifications such as SANS/GCIA, SANS/GCFA, SANS/GCIH, SANS/GCFE, SANS/GIAC, SANS/GSEC are preferred, but not required.

Knowledge of a Cybersecurity Framework (e.g. NIST CSF, ISO 27001) would be desirable.

Other Desired Experience:

  -- Master's degree in computer science, information systems, engineering, business administration or a related field is preferred, but not required.
  -- Strong understanding of information security and the relationship between threat, vulnerability and information value in the context of risk management.
  -- Ability to gather, analyze and interpret business drivers and develop practical security solutions that provide adequate security to support the business.
  -- Possess a good understanding of appropriate leading-edge technologies.
  -- Known to relevant technology companies as a thought leader around security, privacy and supporting technologies.
  -- Extensive experience working across a diverse and inclusive team environment with strong commitment to respect, equality and teaming.

Critical competencies for success:
  -- Leadership skills: Must have the proven ability to lead the development, planning, coordination, and monitoring of security operations and incident response solutions and programs, and be a key part of the overall leadership for all aspects of information security. This leader will be known as a collaborative and influential executive who can serve as an effective member of the executive management team at MTI. This leader will be known as a collaborative individual who can serve effectively as an active contributor at MTI. Must be able to communicate effectively regarding security, privacy, risk, compliance, strategy and the required investments to technologists and business personnel.
  -- Security knowledge: Able to draw upon proven experience to recommend and gain buy-in to numerous information security policies and solutions. He/she will be able to provide leadership by demonstrating subject matter expertise. This individual is able to represent the interests of the organization and gain support from stakeholders.
  -- Ability to deliver: This individual will have the proven ability to contribute solutions to large, complex projects across various business and functional departments as they pertain to risk and security matters. He/she can create a positive and productive mindset with solutions to meet clear objectives, goals and effective processes.
  -- Project, Program and Portfolio Management: This individual must have a solid foundation of program and project management in past initiatives. The individual must have experience in leading and directing a portfolio of projects and initiatives in both a project and a sustained operational capacity.

Travel: Travel to other work sites may occur.

Work Hours: Must have the ability to work the shift/number of hours in which duties need to be accomplished, including overtime, holidays and weekends, as necessary. Call-ins may occur as needed.

Equal Opportunity Employer
