Cloud Incident Response Subject Matter Expert (IR SME)

Cybervance

National
Full Time
Paid

    Cybervance is an equal opportunity employer that designs, develops, and manages the successful execution of training programs for government and private sector organizations. Cybervance believes in creating innovative solutions to deliver measured results. We are looking for a Cloud Incident Response Subject Matter Expert (IR SME).

    Responsibilities:

    • Ensure correct and reliable operation of the Azure lab through conventional maintenance and change management.
    • Identify and propose next steps for enhancements in lab capabilities, for example, increased integration of artificial intelligence, compliance with emerging regulations, and candidate incident response tools and software.
    • Integrate third party tools as needed to enhance learner experience, provide focused cloud IR or forensic training, or to enable data analytics.
    • Develop curriculum for Azure incident response training informed by industry standards, customer requirements, learner objectives, and previous experience.
    • Provide technical input and content direction to the curriculum and ISD Teams.
    • Convey cloud IR concepts into learning objectives, labs, and materials that align with the overall course strategy.
    • Design, test, and refine realistic threat scenarios reflecting the latest adversary tactics, techniques, and procedures (TTPs) and field ("real life") scenarios.
    • Lead development of in-depth, technical course materials, including scenario-driven labs, hands-on exercises, presentations, and instructional guides. Example topics:
      • Threat hunting and advanced log analysis using Kusto Query Language (KQL).
      • Virtual machine (VM) forensics, including snapshot analysis and forensic VM creation in Azure.
      • Automated response strategies leveraging Microsoft Sentinel's SOAR and Defender Suite.
    • Regularly review scenarios and training exercises based on technology landscape, emerging technologies, industry shifts, and other significant trends.
    • Deliver training to learners through virtual labs, live and in-person sessions, and through technical guidance and real-world context.
    • Conduct demonstrations to support business development with existing and new customers.

    Desired Qualifications:

    • Education:
      • Bachelor's or Master's Degree in Computer Science or a related field.
    • Certifications:
      • CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), and/or certifications in cloud computing (e.g., major cloud vendor certification, CCSP).
    • Experience:
      • At least 10 years in cybersecurity, with roles like Information Security Officer, Analyst, Consultant, or Architect, preferably at a senior level.
      • Experience in setting up or managing a Security Operations Center (SOC) or security team following standards like ISO 27000, NIST RMF, or NIST CSF.
    • Leadership:
      • Proven ability to supervise and guide teams, with a focus on leading cybersecurity projects and initiatives.
    • Customer service:
      • Previous experience in troubleshooting, problem management and resolution, and pre-sales.
    • Preferred:
      • Previous experience in training, public speaking, or publishing related to cybersecurity.
      • Integration with a team in instructional systems design (ISD).
      • Direct experience in cloud computing incident response involving IaaS.
      • Architecture or management of Azure infrastructures for medium-to-large sized enterprises.