Cyber Response Manager (must have both a Cyber & Crisis background)

About The Position

Requirements

• At least 6 years of operational experience across multiple cybersecurity disciplines and crisis management, including at least 3 years of corporate business experience in cyber response, incident response, crisis management, and/or disaster recovery, or equivalent combination of relevant education and experience.
• Experience conducting risk assessments, business process or control auditing.
• Strong documentation skills, including detailed tracking, executive briefing, and reporting skills.
• Practical understanding of technical/security concepts including network architecture design, logical access controls, vulnerability management, encryption, and cloud computing.
• Strong problem-solving and analytical abilities, including the ability to critically evaluate information gathered from multiple sources, reconcile conflicts, decompose high-level information into details and apply sound business knowledge.
• Strong organizational skills, self-starter, and ability to multitask and manage multiple projects, and maintain attention to detail.
• Strong team player, and ability to build and maintain customer relationships and work collaboratively with team members - some of which may be geographically distributed.
• Demonstrated focus on process development and implementation that spans organizational boundaries.
• Data analysis experience, and ability to create value added metrics/reporting.
• Strong grasp and hands-on experience in cyber incident response, disaster response and crisis management.
• Strong understanding of cyber response and recovery stages, and the fundamentals of incident response planning, testing, and exercises.
• Situational awareness, and ability to respond to incidents that pose a threat to company, property, data, or people.
• Risk management and cyber response software/systems experience.
• Familiarity with cyber trends – ransomware, malware, phishing, insider threat, etc.
• Familiarity using ChatGPT and CoPilot, and using AI for research.
• Familiarity with industry best practices and standards for cyber and crisis events.
• Strong project management experience/skills.
• Strong verbal and written communication skills, and ability to present information to internal/external stakeholders.
• Microsoft Office suite and applicable software program(s) proficiency.

Nice To Haves

• Experienced Crisis Management experience managing major crisis-level events including various natural disasters and man-made incidents.  Deep experience with cybersecurity response/crisis management industry standard tools and concepts.
• Executive presence and ability to navigate difficult situations with empathy, confidence and capable resolve
• Ability to lead in ambiguous situations; Innovative problem solver
• Business Continuity Institute (BCI) and/or Disaster Recovery Institute International (DRII) certification.
• Certified Information Systems Auditor (CISA) and/or Certified Information Systems Security Professional (CISSP).

Responsibilities

• Drives commitment, support, ownership, accountability and results for cyber response, incident response and crisis management activities.
• Assists with cyber response/incident management program and process documentation including policies, procedures, frameworks, templates, and creates instructions in support of the program and meeting regulatory requirements.
• Assists with documenting the standard operating procedures (SOPs), incident response playbooks, escalation protocols, etc. to facilitate response capabilities.
• Validates, tests, and identifies gaps in response strategies and communicates results to leadership.
• Reviews and provides input on select enterprise response systems, tools, and services to ensure effective planning, testing and response capabilities including out of band options.
• Conducts research and analysis to support cyber/incident response programs and projects.
• Develops and conducts employee incident response training to create awareness for areas of responsibility.
• Supports enterprise threat and cyber crisis response activities including:  incident notifications and situational updates, employee emergency notifications, threat monitoring and analysis, notification of threat to appropriate stakeholders, cyber incident response team meeting coordination and minutes, state-specific incident response leadership, and support for impacted business operations.
• Prepares comprehensive, timely, and detailed response after-action reports.
• Analyzes trends across incidents and exercises to recommend improvements that may not be apparent from looking at each incident or exercise in isolation.
• Periodically tests and ensures readiness of continuity tools, including tools for out-of-band notification or incident communications.
• Establishes and maintains communication with enterprise crisis management, incident response team, and state-specific response team members.
• Coordinates with cyber response teams, the Chief Information Security Officer (CISO), legal, privacy, and the Protection Services Operations Center (PSOC) to respond to and support cyber crisis situations.
• Develops, enhances, and improves enterprise crisis management, cyber response while supporting incident plans and state-specific response plans; ensures annual plan compliance requirements are achieved.
• Assists in development of metrics and measurements supporting response programs evolution, validation, and business awareness.
• Implements processes, procedures and systems that will help ensure that the company’s continuity capabilities remain in compliance with all laws, regulations, and best practices.
• Assists in the evaluation, design and deployment of integrated systems and technology that support response, intelligence, service delivery and organizational strategy.
• Maintains roster of cyber crisis management and incident response team members.
• Conducts annual training of all crisis management and incident response plans as changes are made to each location team; prepares comprehensive, timely, and detailed test reports.
• Maintains lessons learned and remediation tracker; ensures response items requiring remediation are resolved within a timely manner.

Benefits

• Molina Healthcare offers a competitive benefits and compensation package.
• Molina Healthcare is an Equal Opportunity Employer (EOE) M/F/D/V