Manager, Security (Incident Response)

Manager, Security (Incident Response)

Salary: Open Bonus

Location: Remote

*We are unable to provide sponsorship for this role*

Qualifications

• Experience defending enterprise environments. Red teaming or other offence-oriented experience a plus.
• History of working with cross-functional teams that include stakeholders outside of the technology organization.
• Experience with one or more of the following: cyber threat intelligence, threat hunting, detection content development, cyber risk event triage and analysis, security incident response.
• Demonstrated skill in developing and presenting cyber risk concepts to non-technical audiences, including project and product managers and non-technical leadership.
• Experience in authoring, reviewing, and presenting technical and process documentation including requirements, architecture diagrams and sequence/flow diagrams.
• Previous experience with a major cloud platform, such as AWS or Azure.

Responsibilities

• Collaborate on the evolution of a best-in-class security threat management program, incorporating cutting edge techniques in automation, machine learning, and distributed threat protection to broaden, deepen, and sharpen our capabilities to rapidly identify and eradicate cyber security threats.
• Work with cross-functional stakeholders from legal, corporate communications, privacy, compliance, facilities, and business continuity planning to mature enterprise end-to-end incident response and recovery plans and develop targeted playbooks to address emergent threats to the business.
• Sustain an agile, threat intelligence-driven continuous improvement process that leverages micro-purple testing techniques, hypothesis-based threat hunting, and the MITRE ATT&CK framework to identify missing or ineffective telemetry, detection capabilities, and response playbooks required to detect, prevent, and respond to cyber risk events originating from threat actors.
• Define the strategy for cyber threat management services, including the maintenance of the roadmap of process architectures that document the target and working states of cyber risk event management services and a multi-year plan to close gaps against the target state while keeping current with changes to technology and threat landscapes.