Responds to urgent IT and cyber situations to mitigate threats. Employs various advanced response and recovery approaches as appropriate. Investigates and analyzes response activities. Applies tactics, techniques, and procedures for investigative processes. Conducts root cause analysis and response coordination, providing recommendations on mitigation.
- 24x7x365 Watch Team
- Lead teams to provide security monitoring and incident response services, in alignment with the mission to protect network assets (including Industrial Control Systems).
- Act as internal and external expert on matters relating to intrusion detection and incident response.
- Lead investigations into network intrusions and other cyber security breaches.
- Lead a coordinated response to complex cyber-attacks that threaten assets, intellectual property, and computer systems.
- Lead the development and improvement of security monitoring and incident response processes and solutions as required to support our cyber security program.
- Operate security monitoring and incident response toolsets with a focus on continuous improvement.
- Research and recommend solutions for incident response and digital forensics.