Incident Response Manager

View full description

Requirements:

• Bachelor’s degree in computer science, information security, or a related field.
• At least 7 years of experience in information security, with 3 years in an incident response or security operations role.
• Experience managing incident response efforts in medium to large organizations.
• Proven ability to handle moderate-to-high-severity incidents.
• Relevant industry certifications such as GCIH, GCFA, or similar.
• Extensive experience with security incidents across cloud and on-premises infrastructures.
• Proficiency in Linux and Windows operating systems for security breach investigations.
• Hands-on expertise with automation and scripting languages like Python, Bash, and PowerShell.
• In-depth knowledge of security monitoring tools for real-time incident detection and forensic analysis.
• Strong understanding of network security technologies, including firewalls, VPNs, and intrusion detection systems.
• Advanced forensic investigation skills using system and memory analysis tools.
• Experience with orchestration, automation, and response tools for incident response processes.
• Knowledge of threat intelligence frameworks to enhance detection strategies.
• Familiarity with malware analysis techniques and tools.
• Experience in conducting tabletop exercises and incident simulations.
• Strong leadership and team-building skills, effective communication abilities, and multitasking capability.

Responsibilities:

• Manage and coordinate the incident response team in identifying, handling, and mitigating security incidents.
• Execute incident response plans, playbooks, and standard operating procedures to ensure adherence during incidents.
• Conduct investigations and analyze security incidents to identify root causes and recommend corrective actions.
• Collaborate with internal teams for effective communication and coordination during incident response efforts.
• Monitor security alerts for timely threat response and escalate when necessary.
• Participate in post-incident reviews to gather lessons learned and recommend process improvements.
• Train and support team members to adhere to best practices in incident response.
• Ensure compliance with regulatory requirements and stay aware of emerging cybersecurity threats and trends.
• Contribute to team development and help set and achieve incident response objectives.
• Assist in evaluating and recommending tools to enhance incident response capabilities.