Job Description
The successful candidate understands that incident response is not limited to business hours and takes place in an interrupt-driven, dynamic environment. They will set the strategic direction of the CSIRT, and manage and coordinate the goals and objectives of highly skilled, senior cyber security professionals dispersed around the globe. This leader will collaborate not only with the Security Operations Center and Threat Hunting managers to deliver a comprehensive incident response program, but also with other information security teams and partners across the enterprise.
Responsibilities:
- Drive the strategic direction of the CSIRT in conjunction with the goals and objectives of partner teams while supporting the mission of Information Security Services.
- Respond with urgency to suspected and actual cybersecurity incidents according to existing response processes.
- Generate reports, presentations and collateral from cyber security incidents.
- Maintain a strong understanding of the latest security tools and techniques.
- Maintain a strong understanding of Security Operations, incident response, and the toolsets used, including threat intelligence platforms, SIEM, and case management systems.
Skills and experience:
- 3+ years’ experience in cyber security.
- Technical or management certification such as CISSP, CISA, CISM is preferred but not required.
- Demonstrable written and verbal communication skills suitable for executive leadership.
- Ability to work in an extremely fast-paced, demanding work environment.
- Detail-oriented and able to manage multiple tasks, workstreams and events at a time.
- Knowledge of NIST CSF, MITRE ATT&CK, and similar standards and frameworks.
- Incident response expertise in cloud environments is a definite plus.