Senior Incident Response Shift Lead

About Zen:  

Own your opportunity to work with a client-focused agile small business. Make an impact by advancing our government organizations charged with keeping our country safe, prosperous, and secure. Zen Strategics, LLC is a cleared, minority-owned SBA 8(a) specialized consulting firm, offering innovative Cybersecurity, Cloud Migration, and Information Technology Modernization. We are a leading organization committed to delivering innovative solutions and ensuring the highest standards of security for our customers' digital assets. We are dedicated to staying ahead of evolving cyber threats and protecting our clients' data with cutting-edge technologies and proactive security measures.??? 

Position Description:? 

Seize your opportunity to make a personal impact as a Senior Incident Response Shift Lead. Zen is your place to make meaningful contributions to challenging projects and grow a rewarding career. As a Senior Incident Response Shift Lead you will be you will be responsible for managing a team and serving as senior responder that ensures the security of our client’s Enterprise Security Operations Center. This position is a key member of our client delivery requiring a leader responsible for incidence response, security operations team, and managing SLA requirements / ticket management. 

Responsibilities:? 

As a Senior Incident Response Shift Lead, you’ll be Zen’s lead and expert communicating effectively with government personnel, maintaining appropriate contractor management interface with the CISO and leadership. The Senior Incident Response Shift Lead, you will lead complex investigations working with cross-functional, geo-dispersed teams in a large enterprise environment. You will develop and refine incident response policies, procedures, and playbooks to ensure efficient handling of incidents throughout the incident response lifecycle. You will lead investigations, oversee incident handling, coordinate escalations to all appropriate teams / partners, and triage security events. 

Additionally, you will lead and mentor a team of security analysts and incident responders. You will provide guidance to enhance their performance and skills and establish Security Operations performance goals, priorities, and metrics in coordination with the Security Operations Manager. You will maintain and update Standard Operating Procedure (SOP) documentation as well as identify and create new documentation as needed. You will track and coordinate team schedules, manage workload balancing, create and execute team training exercises, and conduct daily briefings for the client and act as the primary point of contact for stakeholder communications.  

You will work in collaboration with IT, network, and other business units to identify and address security vulnerabilities and risks. You will analyze emerging threats and vulnerabilities, develop mitigation strategies, and prepare detailed incident reports and documentation, including root cause analysis and lessons learned, for presentation to senior management and provide continuous evaluation and improvement recommendations for security tools, technologies, and processes to enhance the organization’s incident response capabilities and overall security posture. You will stay up to date on the current threat landscape and work in coordination with the Cyber Threat Intelligence Team to strengthen the organizations security posture. Moreover, you will also ensure compliance with relevant regulations, standards, and best practices while staying updated with industry trends and threat intelligence. 

Required Education/ Qualifications: 

• Education: Minimum - Bachelor Degree with a Bachelor of Science in an Information Technology or Cybersecurity field preferred.  
• Experience:  
• Experience: 7+ years of experience in systems/infrastructure security monitoring and response on a variety of technologies (e.g., databases, networks, storage, servers, directories, etc.). 
• At least five (5) years of experience as a mid to senior level incident response analyst. 
• Certification: Active/Good standing professional certification(s) that satisfy DoD 8570’s approved baselines for either CSSP Incident Responder or IAT Level III. 
• Experience:   
• Demonstrable history of successfully leading an incident response team in and enterprise environment.  
• In-depth knowledge of each phase of the Incident Response life cycle. 
• Experience with operational toolsets that include but not limited to; Azure Security Center, ForeScout, Microsoft Defender Products, Microsoft Sentinel, RSA Archer, Forcepoint, Gigamon, Splunk, Tenable Nessus, Palo Alto, Azure Active Directory, Cisco routers and switches, Cisco ASA and NGFW platforms, Cisco ISE, EnCase (or another digital forensic tool) Akamai, PCAP analyzer, and F5. 
• Understanding of Enterprise Network Architectures to include routing/switching, common protocols (DHCP, DNS, HTTP), and devices (Firewalls, Proxies, Load Balancers, VPN). 
• Ability to recognize suspicious activity/events, common attacker TTPs, and perform logical analysis and research to determine root cause and scope of Incidents. 
• Be familiar with Cyber Kill Chain and have utilized and implemented the MITRE ATT&CK Framework within a previous environment. 
• Have scripting experience with Python, PowerShell, and/or Bash. 
• Expertise of Operating Systems (Windows/Linux) operations and artifacts. 
• Leadership ability to prioritize, assign team, follow-up, and complete multiple tasks with little to no supervision. 
• Strong problem-solving abilities with an analytic and qualitative eye for reasoning. 
• Exceptional verbal and written communication skills. 
• Professional experience and skills with Microsoft work products (Word, Excel, and PowerPoint). 
• Excellent time management skills. 
• Ability to communicate with all levels of audiences (subordinates, peers & leadership). 

Zen Serenity: 

• Flexible work week to own your priorities at work and at home. 
• 401K with company match 
• Comprehensive health and wellness packages 
• Professional growth opportunities including paid education and certifications. 
• Cutting-edge technology you can learn from 
• Rest and recharge with paid vacation and holidays 

Zen Strategics is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, disability, veteran status, or any protect class. If you need reasonable accommodation to search for a job opening or to submit an online application, please email accommodations@zenstrategics.com. Only messages left for this purpose will be returned.