Robert Half Technology – Houston, TX 77056
$105,000 – $135,000 a year
The IT Security Team Lead position requires information gathering, analytics aptitude, problem-solving skills and leadership skills to manage, prioritize and neutralize digital risks/threats to ensure continuity of the Company’s operations. They constantly monitor the environment for signs of trouble and are often the first point of contact when a high-risk alert is issued or a suspected attack begins to affect business operations.
The Team Lead compiles the results of these monitoring solutions, classifies, prioritizes and assigns the workload to his team while providing recommendations and guidance on the investigation and resolution of events/threats according to the company’s incident management processes.
The Team Lead will ensure that each incident/event/threat is processed appropriately and methodically and, when necessary, encourage out-of-the-box thinking to resolve uncommon issues/events where standard processes are inefficient or insufficient. The Team Lead will ensure that successful resolution/neutralization processes for new events/threats are methodically and properly recorded and, when possible, automated.
The Team Lead will consistently monitor the IT Security industry to keep his team and his tools/processes at the top of the digital evolution, driving people development (training, certification, drills, workshops, conferences) and tool replacement (when necessary).
Ensure great performance of the SOC team by resolving/closing ever-increasing ticket numbers.
10 or more years of information technology experience with 5+ years of information security and/or SOC experience, with 2 years or more as a SOC Analyst Lv2.
Windows 10 AD, Carbon Black, Palo Alto, SPLUNK or SIEM
Has at least one relevant certification, such as CISSP, SANS, GCIH, GCIA/GCFA, GREM, OSCP, OSWP, OSCE, OSEE or OSWE.
Bachelor’s or master’s degree, or equivalent, in a technical field such as Computer Science, Management Information Technology (MIS), Engineering or Mathematics is strongly preferred.
May consider candidates with technical school training or military training and seven (7) years’ experience.
Twelve (12) years’ work experience in computing environment or Data Networking fields. At least eight (8) years of experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
Experience with Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Vulnerability Assessment tools and other security tools found in large network environments, along with experience working with Security Information and Event Management (SIEM) solutions.
Familiarity with various network- and host-based security applications and tools, such as network and host assessment/scanning tools, network- and host-based intrusion detection systems, and other security software packages. Digital Media Analysis (DMA) and prior computer forensics experience strongly desired, but not required.
Experience with SPLUNK to maintain and create, as needed, scripts to perform special functions or automated reports within SPLUNK.
Experience with a variety of operating systems (Windows/Linux/Unix/iOS/Android/WP) in a functional capacity.
Knowledge/Experience with Orchestrator “ePO”, SourceFire IPS, Juniper/Palo Alto Firewalls, and
Must have familiarity with TCP/IP services or networks and have a passion and interest for technology as well as a desire to learn more about security-related platforms and malcode analysis. Intrusion Detection, Penetration Testing, Firewall, Active Directory.