Job Description Summary
Leads a team of Cyber Security Incident Response Analysts, Manages the MSSP relationship, and reduces threat exposure for the organization based on external and internal threat analysis.
How will you make an impact & Requirements
- Manage day-to-day operations of the Cyber Incident Response team.
Serve as Incident Commander during significant cybersecurity incidents. - Direct containment, eradication, recovery, and lessons learned activities.
- Own the Incident Response Plan and associated response procedures.
- Lead development and maintenance of incident response playbooks, automation workflows, and response readiness initiatives.
- Oversee investigations originating from MSSP escalations, internal monitoring, and threat intelligence sources.
- Participates in and provides guidance for tabletop exercises, simulations, and response readiness programs.
- Coordinate post-incident reviews and program maturity improvements.
- Support vulnerability management through oversight of validation, ticket generation, and remediation coordination activities.
- Track and report operational metrics including MTTD, MTTR, containment effectiveness, response readiness, and automation effectiveness.
- Demonstrated experience serving as Incident Commander or leading major cybersecurity incidents.
- Experience developing and maintaining Incident Response Plans and readiness programs.
- Experience coordinating cross-functional stakeholders during cybersecurity events.
- Certifications such as GCIH, GCFA, GCFE, CISSP, or equivalent preferred
Compensation:
$103,043.00to
$154,563.00