Manager for Threat Detection and Response
About The Position
We are seeking a dynamic and experienced Threat Detection & Incident Response Manager to join our global efforts in enhancing our cybersecurity posture through innovative services and technology solutions. The ideal candidate will possess a deep understanding of cybersecurity principles, extensive experience in cyber defense technologies, and the ability to drive strategic initiatives in a fast-paced environment. The primary responsibility is to investigate and respond to business impacting IT Security incidents ensuring timely and accurate incident validation, containment, and recovery. This role will interface with many stakeholders inside and outside of ISRM to ensure alignment and readiness to respond to IT Security incidents, evaluate tools and procedures, and provide guidance and direction as a top subject matter expert on digital forensics and incident response to the rest of the incident response team.
Requirements
- BA/BS or equivalent experience
- 8 years’ experience in digital forensics and incident response
- Digital forensics tools and techniques
- Incident response including major incident response leadership
- Technical writing and communication
- Cyber defense frameworks (NIST, ISO, CIS)
- SIEM tools (Splunk, Sentinel)
- Programming or scripting (PHP, Python, Javascript)
- Familiarity with Artificial Intelligence and ML-based threat detection and automation tools and how to govern their use in a SOC/TDR context
- Digital Forensics
- Digital Resources
Nice To Haves
- Information Technology (IT) Security Assessments
- Security Architecture Design
- Security Policies
- Vulnerability Management
Responsibilities
- Perform active investigation and response to IT security alerts and incidents.
- Perform root cause analysis and remediation of material security risks.
- Support major incident response activities as either an individual contributor (performing digital forensics and incident response) or response commander (performing overall leadership and management of the major incident).
- Engage various stakeholders inside and outside of IT/Security, and provide status updates to leadership.
- Participate in on-call rotation to receive and review incident escalations ahead of major incident response team activation.
- Evaluate and implement enhancements to tooling, documentation/runbooks, detection logic, and/or implement proactive improvements to prevent or detect future incidents.
- Mentor and develop team members, fostering a culture of innovation and continuous improvement.
- Evaluate and recommend cybersecurity tools and technologies that enhance response capabilities.
- Identify potential risks and vulnerabilities in systems and processes and coordinate mitigation of them.
- Utilize threat intelligence to inform response efforts and to bolster proactive defense measures.
Benefits
- Company’s consolidated retirement plan (pension)
- Savings plan (401(k))
- Vacation –120 hours per calendar year
- Sick time - 40 hours per calendar year; for employees who reside in the State of Colorado –48 hours per calendar year; for employees who reside in the State of Washington –56 hours per calendar year
- Holiday pay, including Floating Holidays –13 days per calendar year
- Work, Personal and Family Time - up to 40 hours per calendar year
- Parental Leave – 480 hours within one year of the birth/adoption/foster care of a child
- Bereavement Leave – 240 hours for an immediate family member: 40 hours for an extended family member per calendar year
- Caregiver Leave – 80 hours in a 52-week rolling period
- Volunteer Leave – 32 hours per calendar year
- Military Spouse Time-Off – 80 hours per calendar year
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
Number of Employees
5,001-10,000 employees
