IR Security Manager in Bloomfield, CT at APEX Systems

Date Posted: 10/30/2018

Job Snapshot

Job Description

Job #:  907900


The Global Threat Management Threat Hunt Team is our client’s centralized resource for proactively and iteratively searching through the network to detect and isolate threats that evade existing security solutions. The team specializes in hunting across our client’s network utilizing analytics-driven, situational-awareness driven and intelligence-driven hunting techniques. As a member of the Hunt Team, this role will provide third level incident response services to address Cyber Security threats to the global client enterprise. Daily activities will include analysis of logs, memory and disc artifacts and the use of a variety of commercial and open source security tools to respond to and triage threats in the global enterprise.

  • Managing the triage analysis and verification of information security threats
  • Proven ability to leverage commercial and open sources tools for identification of malware on systems through memory, disk and network analysis
  • Perform security analysis of network traffic data and report on threats and act as the escalation point for additional analysis
  • Threat containment through use of threat management tools and infrastructure security controls
  • Analyze and review cases until closure which includes investigating and recommending appropriate corrective actions for cyber security incidents and communicating with the implementation staff responsible or taking corrective actions
  • Provide supporting evidence and tactical response resulting from technical analysis and direction of forensic investigations
  • Provide recommendations of security improvements by assessing current situation, evaluating trends, and anticipating requirements
  • Support 24x7 on call for escalated security incidents on a rotational basis
  • Knowledge of virtual environments, Cloud platforms (IaaS), network operating systems, mobile device environments, and data encryption methods
  • Knowledge of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols
  • Advanced knowledge of log analysis, traffic flow analysis and experience with associated infrastructure and systems to aid in the identification of malware or other malicious behavior
  • Strong knowledge of a broad array of security tools including Security Information and Event Management (SIEM) system, intrusion detection systems, web proxy systems, threat intelligence platforms and other tools used to assess network security
  • Strong knowledge of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols
  • Strong understanding of various forensic tools such as EnCase or FTK, and system imaging
  • Demonstrated experience in memory and disc forensics for the purposes of identifying, collecting, analyzing and responding to malware
  • Working knowledge of common cyber security incident types such as denial of service attacks, malicious software infections, active intrusion techniques, and misappropriate use scenarios
  • Coordinate with Cyber Intel and Cyber Hunt teams to identify, extract, and leverage intelligence from APT or other advanced intrusion attempts
  • Fully analyze network and host activity in successful and unsuccessful intrusions by advanced attackers
  • Demonstrated ability to work in a team environment both in-person and remotely
  • Excellent written and verbal communication skills, analytical ability, and the ability to work effectively with peers, IT management and senior leaders
  • Ability to operate and contribute effectively as a remote member of a global Information Protection team
  • Must be able to multi-task and work independently on assignments using professional discretion and judgment as well as transition quickly between projects with limited supervision
  • Ability to participate in customer and partner facing meetings and projects, including those that involve technical topics or technical service delivery
  • Must be able to work well under pressure while maintaining a professional image and approach
  • Maintain partnership and memberships to coordinate with appropriate sources within the intelligence community regarding possible security incidents


  • Bachelor's degree and 5 years of experience in information technology OR 7+ years of Cyber Security focused experience or related IT experience



If interested, please email resume to









EEO Employer

Apex is an Equal Employment Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178