Incident Response Planner

Description

The Data Privacy and Compliance Analyst is responsible for assessing business policies, procedures, and operations to ensure the organization meets privacy requirements and government regulations for the protection of sensitive information. Privacy and Compliance Analysts manage the legal and operational risks related to sensitive and critical information assets, continuously assess business unit operations, and develop policies, procedures and user training necessary to meet or exceed privacy requirements.

Master's degree. 5 years of experience in incident response. 9 years of experience in vulnerability management. Experience leading or managing an Incident Response Program. One or more advanced cybersecurity certifications such as: CISSP, CISM, CRISC, CISA, CASP, GEVA, CCNP-Security or equivalent. Practical knowledge of security applications and technologies, as well as operating system platforms including Windows, Mac, Linux, and Networking technologies.

Knowledge of application and infrastructure vulnerability scanning tools (e.g., Rapid7, Nessus, Qualys, Fortify, etc.) in complex or large organizations. Technical background to understand the characteristics and exploitation vectors for vulnerabilities being reported. Strong knowledge of Splunk, Tenable Nessus, API's, Excel and Power BI Platform for data analytics.

Experience with advanced Excel data manipulation and analysis including pivot tables, light macros, intermediate formulas. Previous experience in analyzing data to present relevant metrics to remediation stakeholders and leadership. Sound knowledge of common infrastructure vulnerability categorizations such as CVE, CVSS, and/or CWE. Deep understanding of cybersecurity best practices and frameworks such as NIST 800-53/171, CMMC, RMF, MITRE, ATT&CK Framework, and OWASP top 10.

Incident management expertise with ability to translate technical risks for business leaders. Excellent written and verbal communication skills. One or more basic cybersecurity certifications such as:
Security+, CEH, CND, CySA+, CCNA-Security or equivalent.

Skills

incident response, incident report

Top Skills Details

incident response,incident report

Additional

Skills & Qualifications

Key Responsibilities Assists with difficult cybersecurity questions and requests from GTRI customers. Direct sponsor engagement as required to review current and planned requirements for secure infrastructures that require compliance. Guide requirements gathering and analysis. Leads validation of security control configuration on systems, ensure all systems are configured to to necessary controls, such as NIST, DFARS , CMMC, and other similar requirements.

Articulates privacy requirements into product life-cycle including definition, requirements analysis, synthesis, cyber engineering analysis and implementation. Conducts privacy impact analyses and identify areas needing improvement and recommend necessary enhancements to achieve privacy goals. Reviews modifications to critical information systems and directs implementation of configuration changes. Mentors lower-level cybersecurity and IT professionals across the enterprise. Develop and implement incident response plans and procedures, ensuring a swift and effective response to security incidents or breaches.

Coordinate incident investigations, containment, and recovery efforts as needed. In-depth knowledge of incident response protocols and remediation techniques. Plan and conduct incident response exercises to include table tops, simulations, and actual disruptions. Incident investigation and response experience, including the ability to work with IR stakeholders to gather required information for reporting. Submit all required IR reports to governing bodies within parameters set by law, regulation, contract, or policy.

Consult with various partners, publications, websites, news sources, and cyber forums to provide daily updates on threats relative to our environments. Communicating threats to stakeholders outside of the cybersecurity department regarding threats and risks. Observe and document events as they unfold during exercises and incidents to facilitate lessons learned sessions.

Experience Level

Intermediate Level

Job Type & Location

This is a Contract to Hire position based out of Atlanta, GA.

Pay and Benefits

The pay range for this position is $58.00 - $67.00/hr.

Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:

- Medical, dental & vision - Critical Illness, Accident, and Hospital - 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available - Life Insurance (Voluntary Life & AD&D for the employee and dependents) - Short and long-term disability - Health Spending Account (HSA) - Transportation benefits - Employee…