IT Incident Response Lead

IT Incident Response Lead – Nexlogica

Join to apply for the IT Incident Response Lead role at Nexlogica.

Job # 10082 – Posted 7/05/22 – Downey CA

• Interpret information security policies, standards, and other requirements as they relate to internal information systems and coordinate the implementation of these and other information security requirements.
• Redesign and reengineer internal information handling processes to protect information from unauthorized disclosure, use, modification, deletion, and unavailability.
• Provide highly specialized experience in one or more information, computer, or network security disciplines (e.g., penetration testing, accreditation, or risk assessment and mitigation).
• Develop system security plans, certification and accreditation reviews; analyze and establish processes for comprehensive systems and data protection.
• Assess and mitigate system security threats and risks; perform security audits, evaluations, and risk assessments and make strategic recommendations.
• Manage, support, install and maintain security tools and systems, and track security patches and incidents.

• Knowledge and experience in standard methodologies used in certification and accreditation processes.
• Extensive experience following NIST guidelines in risk assessment and management.
• Proficient in conducting vulnerability analysis, developing mitigation plans, and performing penetration testing, password protection testing, and application security testing.

• Experience with documenting incident response process and procedures.
• Experience as a first responder for forensic analysis and investigation.
• Experience with triage and resolving advanced vector attacks such as botnets and APTs.
• Experience leading during business-impacting situations and restoring normal service operations in cooperation with cross‑functional partners.
• Effective communication and updates for incident management and root‑cause scenarios.
• Work directly with data asset owners and business response plan owners during high‑severity events; lead messaging and communication for incident reporting to all audiences.
• Experience driving containment strategy during data loss or breach events.
• Documenting and maintaining chain of custody of incident evidence.
• Drive post‑containment recovery effort through to complete incident closure.
• Recommend ways to resolve and reduce impact of incidents and prevent future similar incidents.
• Develop and enrich restoration procedures to mitigate future outages and business disruptions.
• Provide written final incident reports to executive management, assessing scope of damage and severity.
• Collaborate with departmental IT teams to identify root cause of recurring incidents and create action plans for remediation.
• Maintain on‑call availability for 24x7x365 coverage.

Minimum five (5) years of experience applying security policies, standards, testing, modification, and implementation, with at least three (3) years focused on information security analysis.

• One or more of the following professional certifications: QSA, CISA, CISSP, CISM, CIPP, GCIH, or GIAC Network Forensic Analyst.
• Three (3) years as an IT Security Incident Response Manager supporting a complex enterprise security environment in large public or private organizations.
• Three (3) years as an IT Security Incident Response Manager in a multi‑tenant environment, responding, containing, remediating, and reporting on infrastructure connecting to cloud providers such as AWS, Azure, and/or GCP.
• Minimum two (2) years of experience in the last three (3) years analyzing, responding, and remediating enterprise network & security architectures.
• Minimum two (2) years of experience leading IT Security/Information Security teams.
• Minimum two (2) years delivering Incident Reports and Remediation Recommendations in a large enterprise organization.
• Demonstrated ability to create clear, concise technical documentation (procedures, Visio diagrams, system support documents) and strong presentation skills using Microsoft PowerPoint.

Bachelor’s degree in an IT‑related or Engineering field (additional qualifying experience may be substituted on a year‑for‑year basis).

Apply by sending your resume and any additional information to our recruitment team at .