Cyber Security Incident Management Technical Lead
Salary: $150k - $170k plus $15 - $25k Bonus
Location: McLean, VA
Looking for a candidate to manage security incidents end to end: investigating and remediating possible endpoint malware infections, and mitigating threats such as unauthorized use, spam and phishing. The role covers incident management, incident response, problem management and root cause analysis, as well as keeping incident response playbooks up to date. Requires 4+ years of experience in security monitoring, data correlation, security operations and vulnerability handling, including Cyber Command Centers and Incident/Crisis Management.
- In this role, you will be an integral part of the Cyber Security Incident Response Team and will be expected to:
- Transform our Cyber Security Incident Management function to meet and exceed the Incident Containment, Eradication, Recovery and Repair objectives
- Take the lead on Incident Management calls, including documenting and classifying incidents, and own accountability for consistent execution of the process that coordinates response, triage and escalation of security incidents
- Lead functional Problem Management, including accountability for Root Cause Analysis of Incidents, and then coordinate actions to improve or correct the situation.
- Work with other cyber functions such as Threat Detection, Threat Intelligence and Digital Forensics to build and coordinate the required action plan
- Collaborate with IT and Business senior leadership to ensure transparent communication, recovery plans during a crisis, and postmortem results with preventive measures
- Routinely brief and update senior leadership and other stakeholders on the active incidents and manage expectations
- Lead maintenance, upkeep and enhancements of Cyber Security Incident response plans and SOPs
- Lead development and run Cyber Security focused exercises and tabletops
- Participate in development & update of incident response playbooks to ensure response activities align with best practices
- Support development of resiliency plans, and other necessary documentation to support Security Operations
- Build and leverage effective relationships across Information Security with functions such as Threat Intel and Threat Detection, as well as with external teams in the various lines of business, ensuring clear lines of communication and a comprehensive approach to security
- 7-10 years of IT experience with 4+ years of experience in Incident and Problem Management
- Bachelor's degree in Information Security, Computer Science, Information Technology, related field or equivalent work experience
- 3+ years of Information Security experience highly preferred
- Technical writing experience
- Demonstrated experience in handling security events in mission-critical environments; a troubleshooting mindset, analytical skill and the technical expertise to manage incidents and service requests; previous experience troubleshooting day-to-day operational processes such as security monitoring, data correlation and security operations
- Good grasp of security incident response, such as different phases of response, vulnerabilities vs threats vs actors, etc.
- Demonstrated capability in leading Enterprise Cyber Command Centers and Incident/Crisis Management
- CISSP or CISM certification preferred