At Shire, we are proud and grateful to employ military veterans and thank them for their contributions to our company and our country. See where your military experience can play a role at Shire by using our military skills translator job search tool below:
Principal Cloud Incident Response Consultant Location: Atlanta, GA/Hybrid Duration: 18 months Description: Role Responsibilities The Principal Cloud Incident Response Consultant is responsible for maturing the organization's Advanced Cloud Incident Response capabilities, especially around Azure/365 and/or AWS. Objective is to bring advanced external expertise to the organization to consult on routine cyber investigations, escalations, and incidents, especially around Cloud. This role will be expected to be both a strong communicator and skilled hands-on practitioner. The role will also deliver specific deliverables including, but not limited to: Maintain Cloud Platform Response Guides Create detailed Knowledge Base Entries Uncover malicious activity Enumerate and request specific cloud privileges for monitoring & IR functions. Enhance existing SOC Runbooks for the cloud. Contribute to tuning of cloud alerts. Must Have Skills/Prior Experiences The selected candidate must demonstrate an understanding of the most popular cloud concepts. The candidate must demonstrate an understanding of key cloud resources and logs used to facilitate incident response and forensics. This role must have a strong knowledge of cloud (Azure, AWS) to effectively threat hunt and respond to advanced attacks. The ability to quickly identify nefarious artifacts versus benign activity will be a key skill for this position. This role must have problem solving skills for structured, unstructured, and complex situations. Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time. Extensive hands-on experience conducting cyber incident investigations in Azure/M365 environments (AWS will be considered as well) Strong ability to express their skills and knowledge in both verbal and written forms. Experience developing high-quality deliverables about deep technical concepts. Conduct cyber investigations for escalated and challenging computer security incidents using computer forensics, network forensics, root cause analysis and/or malware analysis. Participate in the creation and maintenance of use cases for recurring investigation/incident triggers in support of the 24/7 Cybersecurity Threat Operations and Cybersecurity Threat Management program. Participate in the creation and maintenance of playbooks used in response for investigation/incident triggers in support of 24/7 Cybersecurity Threat Operations and Cybersecurity Threat Management program. Interface with other teams in Information Security (e.g. network operations, Cyber Threat Operations Center (CTOC), vulnerability management) along with information and liability risk officers and technology management to help guide cyber security investigations and incidents. Identify new threat tactics, techniques and procedures used by cyber threat actors. Proactively engage in threat hunting activities to proactively search for threats in the enterprise environment. Plus/Nice to Have Skills/Prior Experiences Experience working in cloud environments, namely Microsoft Azure Industry certifications in general technology and security (e.g. Network+, Security+, CySA+, AWS Certified Cloud Practitioner, Microsoft Azure Fundamentals, etc.) Industry certifications in cyber forensics and incident response, such as GIAC Cloud Forensics Responder (GCFR), Certified Forensic Computer Examiner (CFCE), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), and other related credentials Demonstrated technical leadership experience As an equal opportunity employer, ICONMA provides an employment environment that supports and encourages the abilities of all persons without regard to race, color, religion, gender, sexual orientation, gender identity or express, ethnicity, national origin, age, disability status, political affiliation, genetics, marital status, protected veteran status, or any other characteristic protected by federal, state, or local laws.