Expoint - all jobs in one place

The place where the best experts and companies meet

Microsoft Cybersecurity Incident Response Team Lead 
Australia 
241330752

10.09.2024

The Team Lead plays a vital role in responding to major cybersecurity incidents. They guide multi-functional teams through the incident response process, ensuring a balance between speed of recovery, evidence preservation, and security of the restoration process. As a Lead Investigator, you’ll operate like the conductor of an orchestra, coordinating actions and adapting quickly to complex situations.

Minimum required qualifications

  • Doctorate in Statistics, Mathematics, Computer Science, or related field OR 7+ years in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection.
  • 3+ years in cybersecurity incident response investigation.
  • 7+ years in consulting.
  • Security certifications: OSCP, CISSP, SANS, or SC from Microsoft.
  • Effective delivery of complex technical discussions to various customer levels.
  • Experience in evidence collection, chain of custody, evidence storage, analysis, and reporting.
  • Eligibility or active government security clearance.

Responsibilities

  • Elevates findings to address and mitigate issues.
  • Balances dissemination value with the risk of divulging techniques.
  • Collaborates to incorporate findings into future designs and analyses.
  • Leads data quality efforts for timely and consistent data access.
  • Cleans, structures, and standardizes data sources.
  • Schedules analysis for multiple feature areas.
  • Develops guidelines, models, and best practices to avoid common issues.
  • Architects solutions and automation for security issues.
  • Drives development of guidance and education from security resolutions.
  • Advocates for key security issues and mitigations.
  • Promotes security practices across the company.
  • Leads postmortem and root-cause analyses for complex issues.
  • Ensures best practices for security architecture, design, and development.
  • Leads incident response efforts during cybersecurity incidents.
  • Identifies gaps and requests resources to fill them.
  • Coordinates with teams to ensure timely and complete engagement.
  • Balances rapid recovery with data collection and evidence preservation.
  • Manages large-scale incidents with global team collaboration.
  • Applies MITRE ATT&CK Framework and OSI Model.
  • Embodies company culture and values.