VP, Senior Incident Response Lead

About The Position

Requirements

• Minimum seven years of cyber security experience with at least five years focused on Threat Hunting, Incident Response, or Detection Engineering.
• Expert level abilities to collect and analyze forensic artifacts across multiple major operating systems (Windows, Linux, Mac).
• In-depth attack surface knowledge of one or more major cloud providers (AWS, Azure, GCP).
• Proficiency in using python or other similar scripting language to interact with APIs or manipulate large datasets for analysis.
• Bachelor's degree in computer science or a related discipline, or equivalent work experience in information systems or intelligence required, advanced degree preferred.
• One or more relevant security certifications (GCIH, GCIA, GCFE, GCFA, SANS, AWS Certified Cloud Practitioner, AWS Certified Security Specialty, or comparable).
• You must be 18 years or older
• You must have a high school diploma or equivalent
• You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process
• You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
• New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months’ time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).
• Legal authorization to work in the U.S. is required.
• We will not sponsor individuals for employment visas, now or in the future, for this job opening.

Nice To Haves

• Experience and familiarity with analytic standards and tradecraft
• Experience in the financial services sector
• Strong oral and written communications skills
• Strong analytical & critical thinking capabilities
• Expertise to clearly define complex issues despite incomplete or ambiguous information

Responsibilities

• Spearhead key technical and strategic Incident Response initiatives with specific focus on Cloud Incident Response capabilities.
• Benchmark and implement industry best practices for incident response and cybersecurity operations, such as MITRE ATT&CK and NIST Cybersecurity Framework (CSF).
• Provide technical leadership and expertise to enable proactive detection of potential security threats and recommendations for improvements in overall security posture.
• Proactively identify, research, and dissect emerging attack techniques to develop custom detection, containment, and remediation plans to support the JSOC.
• Act as the technical SME for complex and priority targeted detection and response projects aimed at rapidly improving controls related to priority threats.
• Coordinate with multidisciplinary teams across intel, detection, engineering and technology to iteratively improve security controls and detection capabilities.
• Provide counsel to management regarding vendors and technologies, and interact with suppliers to ensure appropriateness of security tools and their configuration.
• Mentor, and upskill less-experienced team members across cyber operations through coaching collaboration and leadership.
• Interface with industry peers to acquire and share Incident Response best-practices in the sector.