Stefanini North America and APAC
Cyber Defense Incident Responder, Senior (L3)
Stefanini North America and APAC, Greensboro, North Carolina, us, 27497
Stefanini Group is hiring! Greensboro, NC (Onsite). For quick apply, please reach out to Krisha Lago. Call: (248) 728 2010 / Email: krisha.lago@stefanini.com. Work Location: 7900 National Service Road Greensboro, NC 27409.
Job Title:
Cyber Defense Incident Responder, Senior (L3)

Days: M-F, 2pm to 10pm Eastern time
Training (during first month of the job): M-F, 10am to 6pm Eastern time

As a Senior Cyber Defense Incident Responder within the Global Cybersecurity Operations Center (CSOC) you will play a crucial role as a key technical expert responsible for managing and responding to advanced cyber threats, conducting in-depth investigations, and supporting the overall security posture of The Company. This role combines hands-on technical expertise with mentoring responsibilities, ensuring effective threat detection, incident response, and continuous improvement of SOC capabilities.

What You Will Do
- Analyze and respond to complex security incidents and alerts generated by SOC tools (e.g., SIEM, EDR, IDS/IPS)
- Investigate and resolve escalated incidents from Level 1 and Level 2 analysts, ensuring swift containment and remediation
- Lead investigations into cybersecurity incidents, including malware infections, data breaches, and insider threats
- Perform digital forensics to collect, analyze, and preserve evidence for legal or compliance requirements
- Provide incident reports with detailed root cause analyses and actionable recommendations
- Use threat intelligence to identify patterns and indicators of compromise (IOCs) relevant to the organization
- Work closely with junior analysts to provide guidance, training, and mentorship, fostering a culture of growth and knowledge-sharing
- Collaborate with IT, cybersecurity, and business stakeholder teams to implement and improve security controls
- Support the continuous improvement of SOC processes, tools, and technologies to enhance efficiency and effectiveness
- Identify gaps in detection and response capabilities and recommend improvements to SOC leadership

Job Requirements
Details:
- Bachelor's degree in Computer Science or a related 4-year technical degree
- Minimum 7 years of experience in supporting cyber defense operations in highly complex enterprise networks
- Experience in SOC, SIRT, or CSIRT capacities
- One or more of the following certifications: GIAC Certified Intrusion Analyst, GCIH Certified Incident Handler, GCIA Certified Intrusion Analyst, CISSP
- Experience in an enterprise cybersecurity environment investigating targeted intrusions through complex network segments
- Expert understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics, techniques, and procedures (TTPs)
- Subject Matter Expert in cybersecurity principles, threat lifecycle management, and incident management
- Comprehensive knowledge of various operating systems (Windows, OS X, Linux), network protocols, and application layer protocols
- Demonstrable experience in scripting languages (PowerShell, Python, PERL, etc.)
- Understanding of the Cyber Kill Chain methodology, the NIST framework, the MITRE ATT&CK framework, and SANS Critical Security Controls
- Working knowledge of modern cryptographic algorithms and systems
- Experience working with and tuning signatures, rules, and security technologies (IDS/IPS, SIEM, sandboxing tools, EDR, email security platforms, user behavior analytics)
- Network design knowledge, including security architecture
- Strong analytical and technical skills in network defense operations, including experience with incident handling (detection, analysis, triage)
- Conceptual understanding of cyber threat hunting
- Prior experience and ability analyzing cybersecurity events to determine true positives and false positives, including alert triage, incident investigation, countermeasures, and incident response
- Previous experience with SIEM platforms and log aggregation systems that perform collection, analysis, correlation, and alerting
- Ability to develop rules, filters, views, signatures, countermeasures, and other cyber defense platforms, as well as support continual improvement of analysis and detection
- Knowledge of new and emerging cybersecurity technologies
- Ability to create technical documents as well as stakeholder sitreps and briefing documents

Preferred Qualifications
- Deep CSOC experience in intelligence-driven detection, security principles, threat lifecycle management, incident management, digital forensics and investigations, network monitoring, endpoint monitoring, and OT security principles
- CSOC Process Management experience, including process and procedure management, CSOC initiative management, and continual operational improvement
- Preferred certifications: CISSP, GCIH, GCIA, Linux+, CCNA, CCNP
- Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to both business leaders and technical teams
- Demonstrated knowledge of cyber defense policies, procedures, and regulations
- Knowledge of cyber vulnerability management processes
- Knowledge of common user and system authentication and authorization mechanisms

Listed salary ranges may vary based on experience, qualifications, and local market.

Stefanini takes pride in hiring top talent and developing relationships with our future employees. Our talent acquisition teams will never make an offer of employment without having a phone conversation with you. Those face-to-face conversations will involve a description of the job for which you have applied and the process, including interviews and job offers.

About Stefanini Group
The Stefanini Group is a global provider of offshore, onshore, and nearshore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. Our presence spans the Americas, Europe, Africa, and Asia, with more than four hundred clients across various markets. Stefanini is a CMM Level 5 IT consulting company with a global presence.

Seniority level: Mid-Senior level
Employment type: Contract
Job function: Information Technology
Industries: IT Services and IT Consulting