InfoSec Technical Delivery Specialist

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Systems, or related field.
• Minimum of 5 years of professional experience in information security.
• Strong knowledge of data security, privacy laws, regulatory compliance, and advanced security technologies.
• Experience in threat analysis, vulnerability testing, incident response, and forensic methodologies.

Nice To Haves

• Experience leading enterprise cyber incident response operations.
• Strong understanding of incident management frameworks (e.g., NIST, SANS, ITR models).
• Proven ability to lead high-pressure, high-visibility, time-sensitive situations and drive decision-making.
• Experience delivering and executive-level communications and risk briefings.
• Familiarity with vulnerability management, zero-day response, and threat intelligence integration.
• Experience coordinating across infrastructure, cloud, application, and security engineering teams.
• Knowledge of financial services, regulatory matters, and risk environments.
• Demonstrated ability to drive accountability without direct authority (matrixed organization).
• Experience with incident management tooling, ticketing systems (ServiceNow), and collaboration platforms.
• Advanced professional certifications such as CISSP, CISM, PMP, or equivalent.

Responsibilities

• Lead Incident Coordination: Act as Incident Manager / Incident Coordinator for information security incidents, investigations, events, zero-days, and high-risk vulnerabilities. Drive end-to-end response from intake through containment, remediation, and closure. Drive real-time risk-based decisioning, including severity classification, event escalation, and prioritization of containment and remediation actions.
• Facilitate Cross-Functional Response: Coordinate SOC, Threat Intel, Vulnerability Management, Engineering, Application, Infrastructure, Business, Legal, Regulatory and Risk Oversight teams. Establish clear ownership, timelines, and accountability across all stakeholders.
• Drive Triage & Risk-Based Decisioning: Assess exposure, exploitability, and business impact to determine severity and urgency qualifications. Escalate conditions requiring executive awareness or rapid response actions.
• Lead Incident Calls & Execution Rhythm: Run high-pressure, high-visibility structured incident meetings with defined objectives, action tracking, and decision capture. Maintain momentum and remove blockers to accelerate containment and remediation.
• Executive Communication & Reporting: Develop and deliver concise, executive-ready communications, including risk articulation, business impact, and remediation status. Provide detailed reporting of residual risk, blockers, and required decisions.
• Ensure Effective Containment & Remediation: Validate that immediate mitigations and long-term fixes are executed and prioritized appropriately. Track progress against SLAs, emergency changes, and remediation timelines.
• Oversight of Incident Lifecycle & Documentation: Maintain accurate timelines, decisions, and evidence within incident records. Ensure alignment with established incident management frameworks and escalation models.
• Post-Incident Review & Continuous Improvement: Lead or support lessons learned, root cause analysis, and control improvement recommendations. Identify systemic gaps and drive enhancements to response processes and playbooks.
• Stakeholder & Business Engagement: Partner with business units and application owners to align response actions with operational priorities. Support regulatory, legal, and risk partners as needed during incidents.

Benefits

• Medical insurance
• Dental insurance
• Vision insurance
• Life insurance
• Disability insurance
• Accidental death and dismemberment insurance
• Tax-preferred savings accounts
• 401k plan
• Vacation days
• Sick days
• Paid holidays
• Defined benefit pension plan (potential)
• Restricted stock units (potential)
• Deferred compensation plan (potential)