Designation -Info Security Engineer Mgr/Level-4 - NeuCIRT
Neustar is seeking a senior incident response security engineer for Neustar’s Cyber Incident Response Team (NeuCIRT). NeuCIRT is responsible for security
monitoring and rapid incident response across all Neustar environments. A successful candidate must be experienced, energetic, engaging and able to work as a member a dynamic team addressing critical security events and solve complex problems. Candidates will
be responsible for performing monitoring, triage, incident analysis & response while providing meaningful notification and mitigation strategies.
· As a senior member of the team, monitor and process responses for security events. (The CIRT team must be available 24x7x365 with
periodic on-call shift coverage)
· Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security
devices and end-user systems.
· On major incidents, acts as incident commander and primary point of contact.
· Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress
(or deficiencies requiring additional attention).
· Evaluate current CIRT standards and procedures and update or author new content as required.
· Leverage a deep understanding of current and evolving security threats and threat detection solutions as well as contribute to
the company's threat and vulnerability research and IT security strategy and roadmap.
· Leverage automation and orchestration solutions to automate repetitive tasks. (Scripting abilities with Python are highly desired.)
· Investigate and document events to aid incident responders, managers and other CIRT team members on security issues and the emergence
of new threats.
· Responsible for malware investigations, forensic analysis and investigation and cyber incident response in both on premise and
cloud environments. Support threat assessment & continuous monitoring programs as needed including vulnerability assessments, penetration testing, documentation and follow-ups.
· Python (Scripting for automation)
· Splunk, FireEye Helix, Symantec, Cisco
· Network Packet Analysis with Wireshark/Zeek
· Relevant Certifications considered a plus
· Knowledgeable in the Incident Response Cycle
· NIST Standards
· Deep experience working with various SIEM systems,
threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools.
· Experience driving measurable improvement in monitoring
and response capabilities at scale.
· Knowledge of a variety of Internet protocols
· Track record of acting with integrity, taking pride
in work, seeking to excel, passionate, adaptable, and communicating effectively (Verbal, written)
· Demonstratable critical thinking and problem-solving
· Experience working in a global operational environment
Why work with us?
· Because we are in the most trending digital advertising domain
· Because you love to build beautiful, innovative solutions that wow the customer
· Because you believe in changing the status quo and are up for the challenge of your life
· Because Neustar enables trusted connections between companies and people at the moment it matters most