Manager of Incident Response

Roles and Responsibilities:

• Lead the development, implementation, and management of the incident response program to effectively detect, respond to, and recover from security incidents
• Oversee and direct the incident response team during critical security incidents, ensuring timely and effective resolution
• Develop and maintain incident response plans, playbooks, and procedures based on industry best practices and frameworks (e.g., NIST, SANS)
• Coordinate with internal teams, including IT, legal, and compliance, to ensure a unified response to security incidents
• Monitor and analyze security data to identify potential threats and vulnerabilities using SIEM and other security tools
• Provide leadership in conducting forensic analysis and root cause investigations during and after incidents
• Conduct post-incident reviews and implement lessons learned to improve incident response strategies and processes
• Serve as a point of contact for senior leadership and other stakeholders during security incidents, providing clear and actionable reports
• Drive continuous improvement of the incident response program through training, simulations, and process refinement

Skills Required:

• 7+ years of experience in information security, with a focus on incident response or threat management, including 3+ years in a leadership role
• Strong understanding of incident response frameworks and methodologies (e.g., NIST, SANS)
• Experience with security tools and technologies, including SIEM, forensic analysis tools, and incident management software
• Excellent analytical and problem-solving skills, with the ability to manage high-pressure situations and make informed decisions quickly
• Strong communication and interpersonal skills, capable of effectively collaborating with technical and non-technical stakeholders

Preferred Qualifications:

• Relevant certifications (e.g., CISSP, CISM, CEH, GCIH)
• Experience with cybersecurity threat hunting and proactive defense strategies