Cybersecurity Incident Commander

About The Position

Requirements

• MS in Computer Science, Information Systems, Business or related field or equivalent work experience.
• 10+ years' experience as a security practitioner.
• Technology experience with the following Vulnerability management tools, SIEM, advanced cyber security tools, Firewall and router configuration, switches, secure network architecture, VPNs, PKI, Portals, Cisco, network monitoring technologies, Solaris, AIX , HP-UX, Red Hat Linux, Checkpoint, IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Radius, F5, Nessus, security tools and facilities
• Advanced understanding of Cyber Security and Data Protection
• Telecommunications and wireless industry knowledge
• Advanced analytical and troubleshooting skills
• Working knowledge of Project Management discipline and process
• Organization, influence, leadership and facilitation skills
• Advanced Knowledge of Security Policies/Practices
• Moderate to Advanced Security Application knowledge
• Advanced knowledge in SOC operations, Vulnerability Management, Incident Handling & Response and Data Protection practices
• Advanced level of awareness of current attack vectors.

Nice To Haves

• Certification as a CISSP, CISA and/or CFE, or GIAC certification(s) (desired)

Responsibilities

• Enforce cybersecurity and data protection efforts
• Operate individual and or cross-functional team activities, providing leadership/guidance and consultation to Incident response analyst
• Resolve security issues through addressing identified and confirmed security events, successful forensic reviews, remediation tracking, and cross function collaboration.
• Conduct required efforts against Incident Response ticketing queue and prioritize Critical and High severity efforts.
• Provide communication and recommendations for attack surface reduction and counter adversary efforts to improve threat landscape.
• Provide continuous efforts to identify and bolster incident response capabilities for the SOC.
• Operationalize core cybersecurity and data protection functions
• Establish and Manage SOC Key Performance Indicators for reporting to leadership and executive audience
• Establish and Manage Audit reports and evidence for compliance requirements.
• Drive scheduled debriefs with Cyber leaders and stakeholders related to SOC current events.
• Participate as the SOC SME in cybersecurity tool acquisition conversations and demo’s, to provide thorough collaboration and identification of potential value.
• Assume overall command of the incident, establishing a safe, centralized command structure.
• Establish incident objectives, define priorities, and develop the overall strategy.
• Authorize the utilization and mobilization of personnel, equipment, and resources.
• Evaluate the situation, make critical decisions under pressure, and manage the incident.
• Serve as the primary point of contact, ensuring effective communication between teams, stakeholders, and external agencies.
• Ensure all actions are documented, and lead post-incident reviews or after-action reports.

Benefits

• competitive total compensation
• flexible/remote work
• leadership team committed to fostering an inclusive, collaborative, and transparent organizational culture