Incident Manager

About The Position

Requirements

• 3+ years of experience in leading serious cyber incidents.
• Highly effective risk assessment, data analysis, and communication skills.
• Strong understanding of Windows & Linux operating systems and network fundamentals.
• Strong knowledge of the latest TTPs, especially in respect of nation-state level attacks.
• Experience of developing, implementing, and continually improving IR playbooks.
• Experience of handling sensitive insider threat incidents.
• Knowledge of the NIST cyber security framework.
• Familiarity with SIEM (Sentinel, Splunk), Microsoft Defender Suite, and computer forensic tools.
• Ability to multitask in a high pressure, fast-paced environment.
• Excellent stakeholder engagement skills, including the ability to communicate complex topics to key stakeholders while clearly articulating risk and impact.
• Strong problem‑solving skills with the confidence to make timely, well‑reasoned decisions.
• Passion for the cyber security industry and staying current with emerging threats and technologies.
• Fluent in English.
• Legally authorized to work in the U.S.

Nice To Haves

• Practical experience with security vulnerabilities, exploits and malware.
• Industry certification, e.g. GCIH, GCFA, CEH, CFE, GREM etc.

Responsibilities

• Lead and coordinate the technical response to serious cyber incidents, e.g. APT activity, targeted malware campaigns, vulnerability exploits, and network-based attacks in order to contain, eradicate, and recover from malicious activity.
• Lead technical bridge-lines to triage incidents and to define and implement containment strategies, which often involve multiple competing priorities.
• Produce pristine communications to senior business stakeholders in a timely manner to outline the anatomy of attack and the details of the response and remediation activity.
• Lead and take ownership for all incident response key decisions, ensure auditable records and logs are maintained and incident records are up to date.
• Drive post-incident review activity with a focus on root cause analysis and continuous improvement.
• Build and develop relationships with key business stakeholders to promote the awareness of Incident Response processes.
• Produce weekly and monthly Management Information pertaining to incidents handled and the current threat landscape.
• Maintain up-to-date knowledge on the latest tools, tactics and procedures (TTPs) used by Threat Actors.
• Provide support for major incident escalations which may involve occasional out-of-hours activity.

Benefits

• competitive base salary
• annual bonus
• great medical, dental and vision coverage
• 401k with a generous company match
• incredible wellness benefits
• commuter benefits
• pet insurance
• generous PTO