CSIRT Vendor Management Analyst
We are currently recruiting an Incident Management Contractor to join our Massachusetts and Austin-based Defense & Resiliency team. It is the duty of this team to review and track major security issues that benefit all Dell business divisions and mergers & acquisitions. This position involves expertise, including planning, review, notification, reaction, recovery, and post-mortem, in all phases of Cybersecurity Incident Response.
Under the Security & Resiliency division, the CyberSecurity Intelligence & Response Division (CSIRT) is responsible for working with IT, Regulatory, Human Resources, and other relevant business units to collect reports of events, determine effects, and organize the response. This position interacts with all levels of the company, especially within the global IT company, and is seen as an Incident Management expert on the topic.
The position focuses on representing the Incident Management teams in planning and design matters and delivering solutions to the IR problems of today. The task will be to connect the CSIRT with engineering / operational teams around Dell, providing experience in incident response to the technology they operate. The primary goal of this position will be to accelerate the maturity of the Incident Response feature through vendor management and collaboration. This focus will be on the current features of the suppliers as well as roadmap products and how they can be leveraged to purchase risk, increase visibility and tracking capabilities, as well as triage and contain risks in the IR lifecycle.
- 7+ years of practical experience in fields such as applications, networks or information security / cybersecurity.
- 5+ years of practice in cybersecurity incident response
- Good understanding of cloud security technology, such as CASB and products for workload safety
- Good understanding of software technology, networking protocols, platforms for Microsoft Windows and Linux / Unix, and tools with associated enterprise infrastructure expertise
- One or more of the following certifications is preferred but not mandatory: CCSP, CISSP, SANS GCIH, GCIA, GNFA, GREM
- Ability to perform inquiries into cybersecurity, evaluate and report related conclusions and identify the root cause
- Good experience in various cloud environments like Azure, AWS, GCP, VMware Cloud, etc. with SaaS, IaaS, and PaaS
- Solid DevOps and SecDevOps experience and the application of version control and CI/CD software such as GitHub, GitLab and management frameworks. Agile and Scaled Agile awareness is highly preferred.
- Experience of technology such as hypervisors, containers, and microservices for virtualization
- Provides holistic security advice through network, host, database, device, and people/process environments to a wide range of internal business stakeholders.
- At advanced stages, business unit executives and embedded security champions can be provided with the software or portfolio-level guidelines.
- Work is usually guided by leadership.
- Translates cybersecurity specifications for a single customer, software or project into specific frameworks, apps and model designs
- Works with clients to mitigate compliance risks in terms of safe product setup, implementation and how they match and conform to relevant security protocols and guidelines.
- Guides customers to create and enforce security measures
- In one or more fields, it usually provides deeper knowledge and experience.
- Mapping according to the Attack system of vendor capabilities for detecting and minimizing cyber threats.
- Providing diverse programs and strategies with IR-focused subject matter expertise
- Responsible for helping to push the approach and architecture of CSIRT to ensure it aligns with the broader strategy of Dell
- Working with CSIRT teams to further improve their approach and to consider their architectural needs
- Representing the CSIRT organization on projects guided by defense, IT and business
- Formulation and prioritisation of criteria of the Incident Management Team for programs and POCs
- Requirements and difference identification testing and evaluation
- Reflect CSIRT for function requests, road maps and QBRs in vendor calls.
- Tracking with key suppliers with feature requests and interface modification requests.
- Helping the Security Incident Management mechanism to mature to ensure that it serves the demands of the multinational organization and its separate business divisions.
- Interface with other CSIRT teams to consistently optimize the role of Incident Management across both method and role, based on vendor toolsets and features.
Work arrangement
Location: Fully Remote
Duration: 12 months
Please send your CV to: