Stefanini Group

Cyber Defense Incident Responder, Senior (L3)

Stefanini Group, Greensboro, North Carolina, US, 27497

Overview

Cyber Defense Incident Responder, Senior (L3) role at Stefanini Group – Greensboro, NC (Onsite).

Details

Job Title: Cyber Defense Incident Responder, Senior (L3)

Location: Greensboro, NC (Onsite)

Address: 7900 National Service Road, Greensboro, NC 27409

What You Will Do

Analyze and respond to complex security incidents and alerts generated by SOC tools (e.g., SIEM, EDR, IDS/IPS).

Investigate and resolve escalated incidents from Level 1 and Level 2 analysts, ensuring swift containment and remediation.

Lead investigations into cybersecurity incidents, including malware infections, data breaches, and insider threats.

Perform digital forensics to collect, analyze, and preserve evidence for legal or compliance requirements.

Provide incident reports with detailed root cause analyses and actionable recommendations.

Use threat intelligence to identify patterns and indicators of compromise (IOCs).

Mentor junior analysts, providing guidance, training, and knowledge sharing.

Collaborate with IT, cybersecurity, and business stakeholders to implement and improve security controls.

Support continuous improvement of SOC processes, tools, and technologies to enhance efficiency and effectiveness.

Identify gaps in detection and response capabilities and recommend improvements to SOC leadership.

In This Role You Will Bring

Bachelor's degree in Computer Science or a related 4-year technical degree.

Minimum 7 years of experience supporting cyber defense operations in highly complex enterprise networks (SOC, SIRT, or CSIRT experience).

One or more of the following certifications: GIAC Certified Intrusion Analyst, GCIH, GCIA, CISSP.

Experience investigating targeted intrusions through complex network segments.

Understanding of APT, Cybercrime, and Hacktivist TTPs.

Expert knowledge of cybersecurity principles, threat lifecycle management, and incident management.

Knowledge of operating systems (Windows, OS X, Linux), network protocols, and application layer protocols.

Experience with scripting languages (PowerShell, Python, Perl, etc.).

Understanding of the Cyber Kill Chain, NIST framework, MITRE ATT&CK, and SANS Critical Security Controls.

Knowledge of cryptographic algorithms and systems.

Experience with SIEM, IDS/IPS, EDR, sandboxing tools, and related security technologies.

Network design knowledge including security architecture.

Strong analytical and technical skills in incident handling (detection, analysis, triage).

Knowledge of cyber threat hunting concepts.

Ability to analyze cybersecurity events to determine true positives/false positives, and manage incident response.

Experience with SIEM platforms and log aggregation for collection, analysis, correlation, and alerting.

Ability to develop rules, filters, views, signatures, and countermeasures across cyber defense platforms.

Awareness of new and emerging cybersecurity technologies.

Ability to create technical documents, stakeholder sitreps, and briefing materials.

Preferred Qualifications

Deep CSOC experience including intelligence-driven detection, threat lifecycle management, and digital forensics.

CSOC Process Management experience (process/procedure management, continual operational improvement).

Certifications: CISSP, GCIH, GCIA, Linux+, CCNA, CCNP.

Ability to communicate analytical and technical concepts to both business leaders and technical teams.

Knowledge of cyber defense policies, procedures, and regulations.

Knowledge of vulnerability management processes and common authentication/authorization mechanisms.

Additional

Listed salary ranges may vary based on experience and local market. Stefanini emphasizes phone conversations before offers and outlines the interview and offer process.

About Stefanini Group

The Stefanini Group is a global provider of IT outsourcing, digital consulting, systems integration, application development, and staffing services to Fortune 1000 enterprises worldwide.

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Information Technology

Industries

IT Services and IT Consulting
