Edtech.com's Summary

Elsevier is hiring a Senior InfoSec Incident Response Engineer. The role involves providing key insights into new threats and leading incident response investigations in a global information security organization.

Highlights

Develops and executes security incident response plans and conducts cyber forensic investigations.
Leads full life-cycle of incident response investigations and develops comprehensive incident reports.
Analyzes and enhances security control requirements, mitigation rules, and security detection technologies.
Requires advanced knowledge of cloud infrastructure security, forensic investigations and incident response.
Licensing/certification required (e.g., CCFE, GCFE, CISSP, CISM, SANS).
Offers flexible working hours to promote work/life balance and numerous wellbeing initiatives.
Comprehensive health benefits, 401(k) matching, employee share purchase plan, and family benefits included.

Senior InfoSec Incident Response Engineer Full Description

Locations

Pennsylvania

Home based-Connecticut

Home based-New Jersey

Home based-Maryland

Home based-New York

Full time

Elsevier employs 9,200 people worldwide, including over 2,500 technologists. We have supported the work of our research and health partners for more than 140 years. Growing from our roots in publishing, we offer knowledge and valuable analytics that help our users make breakthroughs and drive societal progress.

Are you looking for a unique Cyber Security role whereby you will provide key insight and research into new threats, exploits, and mitigation techniques?

About the role: You will be entrusted as the senior most technical member of incident response handler for our global information security organization

About the team: This global team supports the Information Security department’s goals and objectives by addressing escalations, and evaluation of technology controls providing key insight and research in new threats, exploits, and mitigation techniques

Key Responsibilities:

Help improve the resilience and readiness of security protection and mitigation technologies and processes which ensure the confidentiality, integrity, and availability of the organization’s assets, information, data, and IT services in an efficient manner.
Develop and execute security incident response plans, conduct cyber forensic investigations on physical endpoints and cloud platforms, independently lead the full life-cycle of incident response investigations of all reported security incidents.
Develop comprehensive incident reports and investigation summaries. Develop and collect intelligence to proactively detect and identify high-confidence threats to the brand, service infrastructure and enterprise users and systems.
Responsible for analyzing/validating security control requirements and tuning, defining the mitigation rules, scripting and performing changes or mitigating attacks, and assisting with troubleshooting support related to any issues which may arise from security detection or protection technologies.
Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current security capabilities, as well as identifying any gaps or technical solutions to further enhance the team’s effectiveness.
Lead analysis and review security events for anomalous activity, collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats.

Requirements

Advanced knowledge of security of cloud agnostic infrastructure.
Ability to conduct forensic and incident response investigations. Understanding of incident response and risk mitigation workflow and planning.
Analysis of security events for anomalous activity. Identification of emerging security threats.
Able to develop and implement security improvement and remediation programs.
Vulnerability assessment, exploitation techniques, malware reverse engineering, threat analysis, and security threat and incident reporting.
Investigation and navigation in Cloud and Web-based environments.
Licensing/certification required (at least one of the following): CCFE, GCFE, CISSP, CISM, SANS, GIAC, ISACA, CSRIC (or related), ethical hacking/penetration tester certification, and/or security risk assessment certification

Work in a way that works for you

We promote a healthy work/life balance across the organization. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance and sabbaticals, we will help you meet your immediate responsibilities and your long-term goals.

Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive.

Working for you

We know that your wellbeing and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer:
Health Benefits: Comprehensive, multi-carrier program for medical, dental and vision benefits
Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan
Wellbeing: Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time-off Programs
Short-and-Long Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity
Family Benefits, including bonding and family care leaves, adoption and surrogacy benefits
Health Savings, Health Care, Dependent Care and Commuter Spending Accounts

Original Job Description

Locations

Pennsylvania

Home based-Connecticut

Home based-New Jersey

Home based-Maryland

Home based-New York

Full time

Are you looking for a unique Cyber Security role whereby you will provide key insight and research into new threats, exploits, and mitigation techniques?

About the role: You will be entrusted as the senior most technical member of incident response handler for our global information security organization

Key Responsibilities:

Help improve the resilience and readiness of security protection and mitigation technologies and processes which ensure the confidentiality, integrity, and availability of the organization’s assets, information, data, and IT services in an efficient manner.
Develop and execute security incident response plans, conduct cyber forensic investigations on physical endpoints and cloud platforms, independently lead the full life-cycle of incident response investigations of all reported security incidents.
Develop comprehensive incident reports and investigation summaries. Develop and collect intelligence to proactively detect and identify high-confidence threats to the brand, service infrastructure and enterprise users and systems.
Responsible for analyzing/validating security control requirements and tuning, defining the mitigation rules, scripting and performing changes or mitigating attacks, and assisting with troubleshooting support related to any issues which may arise from security detection or protection technologies.
Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current security capabilities, as well as identifying any gaps or technical solutions to further enhance the team’s effectiveness.
Lead analysis and review security events for anomalous activity, collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats.

Requirements

Advanced knowledge of security of cloud agnostic infrastructure.
Ability to conduct forensic and incident response investigations. Understanding of incident response and risk mitigation workflow and planning.
Analysis of security events for anomalous activity. Identification of emerging security threats.
Able to develop and implement security improvement and remediation programs.
Vulnerability assessment, exploitation techniques, malware reverse engineering, threat analysis, and security threat and incident reporting.
Investigation and navigation in Cloud and Web-based environments.
Licensing/certification required (at least one of the following): CCFE, GCFE, CISSP, CISM, SANS, GIAC, ISACA, CSRIC (or related), ethical hacking/penetration tester certification, and/or security risk assessment certification

Work in a way that works for you

Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive.

Working for you

We know that your wellbeing and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer:
Health Benefits: Comprehensive, multi-carrier program for medical, dental and vision benefits
Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan
Wellbeing: Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time-off Programs
Short-and-Long Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity
Family Benefits, including bonding and family care leaves, adoption and surrogacy benefits
Health Savings, Health Care, Dependent Care and Commuter Spending Accounts

Let me find your next job.

Thanks - you're signed up.

Senior InfoSec Incident Response Engineer

Edtech.com's Summary

Senior InfoSec Incident Response Engineer Full Description

Information Security Analyst

IT Security Engineer II

Lead Cloud Security Engineer

Application Security Engineer

Security Assurance Analyst (Remote)