Job Title – Lead Security Engineer
Duration - 6+ Months
Location - Houston, TX
Position - Day One Onsite
Job Description:
Required Technical Skill Set:
· Security Incident investigations, Threat intelligence management
· Experience in leading and managing teams spread across multiple locations – US, India
· Experience in directly working with the customer and managing customer expectations, project deliverables in coordination with nearshore/offshore team
· Ability to perform reactive & predictive security analysis and articulate emerging threats to leadership and team
· Situational awareness of cyber activity by reviewing open-source reporting for new vulnerabilities, malware, or other threats that have the potential to impact the organization
· Vulnerability Management and remediation
· Good knowledge & working experience on SIEM solutions such as Splunk for log management, event correlation, security incident management, SIEM architecture
· Experience in defining alerts, reports and dashboards
Desired Experience Range:
Min. 10 years
Must-Have:
· Team management with good Information security technical expertise and ability to frontend customer interactions
· Security incident investigations using SIEM & EDR solutions.
· Experience in Security Incident Response Lifecycle
· Experience in defining SOC monitoring use cases and operationalizing them through SOPs and SIEM-based alerts / reports.
· Experience understanding and interpreting Threat intelligence from various external sources including validation of related IOCs in customer environment
· Good understanding of Vulnerability Management process including scanning, executive reporting and remediation tracking
· Should have good conceptual understanding of Windows, Linux operating systems & Networking – TCP/IP Protocol Suite
· Should understand the functioning of Security Technologies including Anti-virus, Firewalls, Intrusion Prevention, Packet Capture tools, Remote access technologies etc.
· Understanding of common network services (web, mail, DNS, FTP, etc.), network vulnerabilities, and network attack patterns
· Possess knowledge and experience in Threat Ecosystem, remediating Malware, Rootkits and Botnets
· Strong analytical and problem-solving skills
· Good organization skills to ensure coordination and smooth hand-offs between onshore & offshore/nearshore teams
· Strong communication (verbal and written) and interpersonal skills
· Project Management experience with an ability to mentor the team and meet delivery objectives
Good-to-Have:
· Certifications preferred - CISSP, GCIH, GCFA, CHFI, CEH, SEC+
· Experience in System forensics would be an added advantage
· Executive briefing & reporting skills with attention to detail
Responsibility of / Expectations from the Role:
· Lead the team with accountability to ensure overall delivery requirements are met
· Responsible for security event triage and security incident investigations, including support for forensics analysis.
· Conduct proactive threat and compromise analysis by reviewing reports to understand threat campaign(s) techniques, lateral movement and extract indicators of compromise (IOCs).
· Monitor, evaluate, and assist with the maintenance of assigned security systems in accordance with industry best practices to safeguard internal information systems and databases
· Analyze a variety of network and host-based security appliance logs to determine the correct remediation actions and escalation paths for each incident.
· Ability to conduct packet analysis and articulate findings to fine-tune alerts
· Conduct advanced use case development leveraging all product features (trends + variables + hierarchical architectures, Pattern Discovery)
· Responsible for security incident response and documentation of investigation reports
· Prioritize & determine events that are relevant for immediate action, which are wait and watch and which are not relevant
· Maintain an expert understanding of vulnerabilities, response, and mitigation strategies used to support cyber security operations
· Serve as point of escalation for Level 2/1 Security Analysts
· Tune all security appliances for relevant alerting levels
· Work closely with all Security Operations staff to ensure 24x7 availability.
Job Type: Contract
Pay: $60.00 - $65.00 per hour
Benefits:
401(k)
Dental insurance
Health insurance
Vision insurance
Schedule:
8 hour shift
Experience:
Cybersecurity (Required)
Information security (Required)
Linux (Required)
Work Location: On the road