Cyber Security Incident Response Lead Manager

Position : Cyber Security Incident Response Lead Manager

Location : REMOTE in CA

Duration : 12+ Months Contract

Job Description :

Technical Proficiency :

In-depth knowledge of incident triage, telemetry, log analysis, and endpoint security

Ability to understand and assess various cyber security incidents, including account and endpoint compromises

Framework Knowledge :

Strong familiarity with NIST Framework, specifically NIST 800-53

Ability to reference and apply frameworks in practical scenarios

Cybersecurity Forensic Analysis :

Proficient in cybersecurity forensic analysis techniques and tools

Communication Skills :

Exceptional verbal and written communication skills, capable of presenting complex information clearly to diverse audiences, including C-level executives

Documentation :

Proficient in developing, maintaining, and improving incident response documentation and reporting

Ensures detailed and accurate documentation of incidents and responses

Interpersonal Skills :

Ability to navigate and influence strong personalities, especially within executive leadership across multiple departments

Excellent personal skills to handle high-pressure situations effectively

Meeting Leadership :

Proven ability to lead and direct meetings effectively

Presentation Skills :

Strong presentation and verbal communication skills.

Minimum Qualifications :

minimum of 2 years of recent experience within the last 3 years in triaging cyber security events and alerts

This includes identifying and prioritizing security incidents, assessing the potential impact and scope, and initiating appropriate response actions

Leadership Experience :

At least 2 years of recent experience within the previous 3 years as a lead cyber security incident response manager

This involves overseeing the incident response process, coordinating with multiple teams and departments, and ensuring effective resolution of security incidents

Extended Detection and Response (XDR) Console :

3 years of experience working with an Extended Detection and Response (XDR) console

This includes configuring, monitoring, and managing the XDR system to detect and respond to advanced threats across multiple security layers

E-Discovery Processes :

3 years of experience conducting e-discovery processes for major cyber security events

This involves collecting, preserving, and analysing digital evidence to support incident investigations and legal proceedings

Endpoint Security Products :

3 years of experience working with endpoint security products

This includes deploying, configuring, and managing endpoint protection solutions to safeguard against malware, ransomware, and other threats targeting endpoint devices

Security Information and Event Management (SIEM) :

3 years of experience working within a Security Information and Event Management (SIEM) solution

This involves setting up and maintaining the SIEM system, creating and tuning detection rules, and analysing security events and logs to identify potential security incidents

Log Analysis and Investigation : 3 years of experience analysing and investigating system and security logs

This includes reviewing logs from various sources such as network devices, servers, and applications to detect anomalies, identify indicators of compromise, and support incident response efforts.