
Cisco Senior Security Incident Commander 
United States, Georgia, Atlanta 
803550462

05.02.2025
Applications are accepted until further notice

Incidents can happen at any time; as such, this position requires on-call work (including overnight and weekends) on an as-needed basis. The core hours for this position are 9:30 AM PST - 6:30 PM (in the time zone you are hired for), Monday through Friday.

Key responsibilities:
  • Serve on a rotation of security incident commanders, working with the heads of every major product team to ensure quick mobilization for high-severity incidents
  • Experience responding to high-severity incidents and handling the remediation process (e.g. malware analysis, large-scale phishing attacks, production intrusion, etc.)
  • Familiarity with the following tools:
      ◦ File Integrity Monitoring (FIM)
      ◦ Vulnerability scanners
      ◦ Network and host intrusion detection systems (IDS) such as SNORT/Sourcefire, Palo Alto, etc.
      ◦ Incident response case management tools
      ◦ Network sniffers and packet tracing tools such as DSS, Ethereal, tcpdump, Wireshark, etc.
      ◦ Cloud (AWS, Azure, GCP)
      ◦ Windows/Mac/Linux OS
      ◦ Cisco physical and virtual network devices and platforms
  • Perform basic forensics when security incidents occur
  • Develop, document, and lead initiatives to improve incident response strategies, runbooks, capabilities, and technologies
You are an ideal candidate if you:
  • Understand common threat actor tactics, techniques, and procedures (TTPs) and how they are chained together
  • Have experience leading threat hunts, using available logs and threat intelligence to proactively identify and investigate potential risks and suspicious behavior
  • Typically have 6+ years in cybersecurity incident response roles and are passionate about leading sophisticated incidents involving multi-functional teams
  • Understand major security compliance frameworks such as PCI, SOC 2, and FedRAMP as they relate to incident monitoring and response
Bonus points for:
  • Relevant industry security certifications such as CISSP, SANS GIAC (e.g. GCIH, GNFA, GCFE, GCFA, GREM), AWS certifications (SAA, SAP, or SCS), etc.
  • Familiarity with other security verticals such as: Digital Forensics, Threat Intelligence, Threat Detection, Application Security, Cloud Security, Offensive Security
  • Networking experience with LAN/WAN routing and high availability (OSPF, BGP4/iBGP, EIGRP, and NSRP) routing protocols and technologies
  • Experience with IoT platforms, large-scale distributed systems, and/or client-server architectures