Designation -Info Security Engineer Mgr/Level-4 - NeuCIRT Neustar is seeking a senior incident response security engineer for Neustar’s Cyber Incident Response Team (NeuCIRT). NeuCIRT is responsible for security monitoring and rapid incident response across all Neustar environments. A successful candidate must be experienced, energetic, engaging and able to work as a member a dynamic team addressing critical security events and solve complex problems. Candidates will be responsible for performing monitoring, triage, incident analysis & response while providing meaningful notification and mitigation strategies. Responsibilities: · As a senior member of the team, monitor and process responses for security events. (The CIRT team must be available 24x7x365 with periodic on-call shift coverage) · Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems. · On major incidents, acts as incident commander and primary point of contact. · Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention). · Evaluate current CIRT standards and procedures and update or author new content as required. · Leverage a deep understanding of current and evolving security threats and threat detection solutions as well as contribute to the company's threat and vulnerability research and IT security strategy and roadmap. · Leverage automation and orchestration solutions to automate repetitive tasks. (Scripting abilities with Python are highly desired.) · Investigate and document events to aid incident responders, managers and other CIRT team members on security issues and the emergence of new threats. · Responsible for malware investigations, forensic analysis and investigation and cyber incident response in both on premise and cloud environments. Support threat assessment & continuous monitoring programs as needed including vulnerability assessments, penetration testing, documentation and follow-ups. Desired Skills: · Python (Scripting for automation) · Splunk, FireEye Helix, Symantec, Cisco · Network Packet Analysis with Wireshark/Zeek · Relevant Certifications considered a plus · Knowledgeable in the Incident Response Cycle · NIST Standards Requirements: · Deep experience working with various SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools. · Experience driving measurable improvement in monitoring and response capabilities at scale. · Knowledge of a variety of Internet protocols · Track record of acting with integrity, taking pride in work, seeking to excel, passionate, adaptable, and communicating effectively (Verbal, written) · Demonstratable critical thinking and problem-solving skills · Experience working in a global operational environment Why work with us? · Because we are in the most trending digital advertising domain · Because you love to build beautiful, innovative solutions that wow the customer · Because you believe in changing the status quo and are up for the challenge of your life · Because Neustar enables trusted connections between companies and people at the moment it matters most