Senior Cyber Defense Incident Responder (Level 3) Position Available In Guilford, North Carolina

Senior Cyber Defense Incident Responder (Level 3)

Job Title:

– Senior Cyber Defense Incident Responder (Level 3)

Location:

– Greensboro, North Carolina (Fully Onsite)
NO H1B
C2C
Important notes: Please send a resume with full details, including location and dates of each role, include

EDUCATIONAL

BG, avoid adding unnecessary details in resume, please send any valid identification card if possible (not required). Will prioritize resumes with full details.

Summary:

The role of Senior Cyber Defense Incident Responder (Level 3) within the Global Cybersecurity Operations Center (CSOC) at The Volvo Group is a high-level technical position focused on managing and responding to advanced cyber threats, conducting detailed investigations, and enhancing the organization’s security posture. This position requires deep technical expertise, leadership abilities, and experience in cybersecurity operations, with responsibilities spanning incident response, digital forensics, threat intelligence, process improvement, and mentorship of junior team members.

Key Responsibilities:

Incident Response & Investigation:

Analyze, respond to, and manage complex security incidents and alerts from SOC tools (e.g., SIEM, EDR, IDS/IPS). Lead investigations into cybersecurity incidents (e.g., malware infections, data breaches, insider threats) and ensure proper containment and remediation actions. Perform digital forensics to collect, analyze, and preserve evidence for compliance or legal purposes. Provide detailed root cause analyses and actionable recommendations in incident reports.

Threat Intelligence & Detection:

Utilize threat intelligence to identify patterns and Indicators of Compromise (IOCs) tailored to the organization. Identify gaps in detection and response capabilities and recommend improvements to SOC leadership. Work to develop and tune detection mechanisms (e.g., SIEM rules, IDS/IPS signatures, EDR policies).

Mentorship & Collaboration:

Guide and mentor junior analysts, fostering a culture of knowledge-sharing and professional growth. Collaborate with IT, cybersecurity, and business stakeholders to enhance security controls and align with organizational objectives.

SOC Process & Capability Improvement:

Continuously improve SOC processes, tools, and technologies to enhance operational efficiency and detection capabilities. Support initiatives to strengthen the organization’s security architecture and incident response framework.

Required Qualifications:

Education:

Bachelor’s degree in Computer Science or a related technical discipline.

Experience:

o Minimum 7 years in cyber defense operations (SOC, SIRT, or CSIRT) in complex enterprise environments.
o Proven experience investigating targeted intrusions in advanced networks.

Certifications:

One or more of the following: o GIAC Certified Intrusion Analyst (GCIA)
o GCIH Certified Incident Handler
o CISSP (Certified Information Systems Security Professional)

Technical Expertise:

o Strong understanding of Advanced Persistent Threat (APT) and adversary TTPs (Techniques, Tactics, and Procedures).
o Expertise in operating systems (Windows, OS X, Linux), network protocols, and application layer protocols.
o Proficiency in scripting languages such as Python, PowerShell, or PERL.
o Familiarity with security frameworks like MITRE ATT&CK, NIST, Cyber Kill Chain, and SANS Critical Security Controls.
o Experience with modern security tools and platforms (SIEM, IDS/IPS, EDR, email security, UBA, etc.).
o Knowledge of cryptographic algorithms and secure network design principles.
o Hands-on experience with incident handling, triage, and countermeasure implementation.
o Ability to analyze cybersecurity events to differentiate true positives from false positives.

Preferred Qualifications:

Extensive experience in cybersecurity operations, including threat lifecycle management, incident response, digital forensics, and network monitoring. Experience managing CSOC processes, including operational improvements and initiative management. Additional certifications such as Linux+, CCNA, or CCNP.

Practical knowledge of:

o Cyber defense policies, procedures, and regulations.
o Vulnerability management processes.
o Authentication and authorization mechanisms. Strong analytical skills, with the ability to translate technical findings into actionable steps for business leaders and technical teams.

Skills and Competencies:

Expertise in cyber threat hunting and intelligence-driven detection. Strong technical writing skills to deliver incident reports, stakeholder briefings, and technical documentation. Problem-solving skills to address complex security challenges in real-time. Ability to work collaboratively across diverse teams and with multiple stakeholders. Commitment to continuous learning and staying updated on emerging cybersecurity technologies and threats.

Key Tools & Frameworks:

Tools:

SIEM platforms, EDR solutions, IDS/IPS, forensic analysis tools, log aggregation systems, sandboxing tools, email security systems, user behavior analytics.

Frameworks:

MITRE ATT&CK, Cyber Kill Chain, NIST Cybersecurity Framework, SANS Critical Security Controls.

Languages:

Scripting proficiency in PowerShell, Python, or PERL.
Navya Gupta Sr. IT Technical Recruiter

Email:

Gtalk:

Phone:

+1 Linkedin id:

Address:

505 Knolle Court, Saint Augustine|

FL 32092

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job

Dice Id:

91022079

Position Id:

2025-42598