What are the responsibilities and job description for the Tier III Incident Response Manager position at RedCloud Consulting?
RedCloud Consulting is a business and IT consulting company with local Puget Sound Enterprise and Mid-sized clients. RedCloud seeks a Tier III Incident Response Manager to support immediate client operations. Seattle Business Magazine has ranked us #1 on its "Best Companies to Work for in Washington" list for Mid-Sized Businesses, Puget Sound Business Journal has named us the #1 Fastest Growing Company in Washington, and we have been named on the Inc. 500/5000 list.
Job Description:
Our mission is to detect, investigate, disrupt, contain, and remediate threats in support of the company's information security strategy.
“CSIRT Incident Response provides 24/7/365 incident response to all client properties and subsidiaries.
The team creates, maintains, and tests the effectiveness of the company's Incident Response Plan. IR conducts post-incident reviews to educate internal stakeholders on security incidents, improve monitoring and detection capabilities, and identify process improvements resulting from incidents to prevent reoccurrence.”
Responsibilities include but are not limited to:
- Serve as the incident commander for major or high-profile incidents including validating and raising incidents, coordinating response, facilitating information sharing, and conducting reporting
- Be a liaison between technical response teams and the business to minimize the impact of an incident on operations
- Ensure alignment to the organizational Incident Response Plan throughout the incident lifecycle
- Conduct post-incident reviews and provide insights to guide improvements
- Design, maintain, and improve a portfolio of security alerts, automated actions, playbooks, and workflows
- Communicate incident status to relevant parties across the organization
- Develop improvements to security detection capabilities
- Serve as a technical focal for security operations analyst issues
- Apply intelligence to improve areas of interest
- Perform in-depth log analysis with an understanding of acquisition and preservation techniques
- Regularly test and improve incident response plans and playbooks through the development of tabletop exercises
- Conduct team information sharing sessions in your given areas of expertise
- In partnership with other team members across geographies, maintain schedule flexibility during on call shifts to ensure 24x7x365 coverage
Required Knowledge, Skills, and Abilities:
- Knowledge of multiple security domains, including but not limited to: application security, cloud security, data security, network security, and perimeter security
- Common cyber defense tooling such as IDS/IPS/HIPS, anti-malware, firewalls, proxies, etc.
- Enterprise infrastructure, platforms, and tooling, including Windows, Linux, macOS, infrastructure management, and networking hardware
- 3rd party cloud computing platforms (AWS, Azure, Google)
- Industry standard SIEM and SOAR platforms
- Communication – Written and oral communication skills to communicate technical concepts to all levels of the organization
- Listening - Ability to listen to feedback and apply recommendations
- Investigative demeanor – Curious mentality, someone willing to dig into problems until they are satisfied with a result
- Proactive self-starter – Act as a leader proactively looking for solutions
- Organization - Ability to simultaneously prioritize technical response while ensuring relevant parties are advised
- Bachelor's degree in an information security or related technical field, or equivalent related professional experience
- Minimum of 6-10 years within IT security
- Ability to lead security incidents at a global scale
- Experience working in a SOC or a CSIRT
- Certifications which demonstrate baseline proficiency in the areas of IT Security, Incident Response, or cloud concepts (CISSP, GIAC, ECIH, AWS) are a plus
Compensation range for this position is $148,500 – $181,500 DOE.
RedCloud requires that employees maintain permanent residency within the United States during their employment period. During onboarding, proof of eligibility to work in the United States will be requested. RedCloud does not provide visa sponsorship.
About Us:
RedCloud is a boutique business and technology consulting firm that has provided local companies with expert-level support for over two decades. Whether it’s to solve a specific business challenge or to provide additional support for an ambitious project, we can help bring even the most visionary endeavors to fruition.
Anchored by a foundation of "integrity-based consulting", the RedCloud team of subject matter experts collaborates closely with clients to develop and implement high-level solutions, bringing stability, growth, and innovation together for long-term success. We provide a broad array of business and technology consulting services through RedCloud’s core services: Empower Operations, Empower Sales and Marketing, Empower Customers, Empower Security and Privacy.
Visit http://www.redcloudconsulting.com/ for more info.
#LI-Remote