Incident Response Manager
Direct staff, including direct reports, in conducting event detection, incident triage, and incident handling, and in providing consulting services. Provide thought leadership for client security tool deployment and implementation. Consult on and direct Cybersecurity services for intrusion detection systems, firewalls, other boundary protection devices, and any security incident management products deployed in client spaces. Provide staff and client training and management activities for intrusion attempts and compromises. Provide briefings for various levels of management regarding ongoing client security incidents, and develop and coordinate shift schedules and deployment of staffing within client organizations. Direct the monitoring and analysis of threat network activities and exploit capabilities using multiple open source intelligence assets. Provide guidance and direction on the development and tuning of Cyber rule sets and alerts to enhance detection and prevention zone technologies in client spaces.
- Experience with incident response and handling
- Experience in two or more of the following fields: security products and technologies, security engineering, networking protocols and data center, threat intelligence, and security analysis and investigations
- Experience in working with Cybersecurity tools and software, including Splunk, OSSEC, or McAfee security products
- Experience with project management
- BA or BS degree in Engineering, CS, Information Security, Information Systems, or Business Administration and 5 years of experience in a senior-level incident response analyst, incident response shift manager, or Cybersecurity role; or MBA, MA, or MS degree in Engineering, CS, Information Security, Information Systems, or Business Administration and 3 years of experience in an incident response analyst, incident response shift manager, threat intelligence manager, or incident response junior management role
- Experience with multi-tenant operations
- Ability to deep dive issues and maintain focus
- Ability to be active in the training, coaching, and development of a team
- Network+, A+, Security+, CEH, GCIA, GCIH, or CISSP Certifications
- Information Systems Security Management Professional (ISSMP) Certification
We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.