Head Of Cyber Incident Response And Threat Mitigation Services

Build and lead the enterprise cyber incident response and threat mitigation program
Bethlehem, Pennsylvania, United States
Senior
$140,000 – 200,000 USD / year
9 hours ago
Pennsylvania Staffing

Pennsylvania Staffing is not a known company associated with the domain pennsylvania.gov, which is typically used for official state government services.

Position Overview: Do you want to be part of a collaborative team handling potentially challenging situations as the leader of our cyber incident response and threat mitigation? The ideal candidate demonstrates analytical skills, leadership, and curiosity in threat reduction efforts. A qualified candidate should be a collaborative self-starter who combines strong technical aptitude, knowledge of security attack methods/stages (e.g., MITRE), a strong mindset, and strong written and oral communication, and who can also inspire and develop talent. They must partner across the firm to drive identification, containment, investigations, response and recovery.

Responsibilities:

  • Lead a team of cyber security incident response and threat mitigation engineering professionals.
  • Be responsible for planning, designing, and operating the client company’s cyber incident response and cyber threat mitigation operations across the areas.
  • Run our Corporate Incident Response Team as related to cybersecurity, coordinating actions and responses across teams.
  • Manage the necessary plans, playbooks, and quick reference guides, as well as out-of-band communication plans.
  • Engage with 1st line teams to develop muscle memory and ensure containment actions (shutdown authorities) are clear.
  • Coordinate with business continuity/disaster recovery teams to ensure an integrated approach to large events.
  • Be responsible for triaging & leading cyber security incidents advanced from the security operations center.
  • Manage third-party incident retainers and prepare for any future engagements.
  • Participate/coordinate periodic exercises with third-parties.
  • Ensure quality of security incident handling and cyber threat mitigation work.
  • Ensure incidents are appropriately tracked, reported and after-action reports documented.
  • Ensure metrics are timely and accurate.
  • Drive our user behavior analytics (UBA) program, working with the business to develop and improve appropriate logging and monitoring.
  • Develop standard operating procedures for our 1st line SOC based on threats/observed incidents.
  • Proactively identify gaps and opportunities in our logging and monitoring processes.
  • Host monthly incident response calibration/collaboration meetings across HR, physical security, fraud, legal, and compliance to collaborate on issues and share threats and knowledge.
  • Communicate concisely and clearly, both in writing and orally, to various levels of the organization.
  • Provide strong technical understanding of security control monitoring process at different layers.
  • Identify (and champion where applicable) risk mitigation.
  • Collaborate with other leaders across cybersecurity to help define and complete cybersecurity strategy, financial, vendor and talent management.
  • Contribute to the enterprise organizational Data Loss Prevention program.
  • Lead, manage, guide, and mentor the staff on a regular basis, including selection/retention, goal setting, annual reviews, and compensation planning and career development.
  • Provide recommendations to management & leadership team to increase effectiveness of security technology solutions to mitigate cyber threats and handle incidents.
  • Respond to and assist with due diligence and internal/external security audit requests.
  • Identify and act on opportunities to further enhance and refine security incident handling & cyber threat mitigation processes & capabilities.

Qualification:

  • 7+ years broad/deep technology experience including public clouds
  • 3+ years of leadership experience in a security role, preferably involving incident response
  • Incident response methodologies and evidence handling
  • Experience working across functions including business, legal, HR, communications, IT.
  • Knowledge of threat hunting and risk mitigation
  • Knowledge of NIST CSF, MITRE, and other frameworks, malware analysis concepts, types of attacks and attackers, common vulnerabilities.
  • Experience with financial services or regulated entities, US privacy regulations.
  • Ability to think in a structured and creative manner to address cyber incidents
  • Ability to process cyber threat intelligence and translate into actionable mitigation techniques and strategies.
  • Ability to accelerate impact and lead positive cyber security change.
  • Good knowledge of SIEM tools (Splunk preferred) and logging/monitoring, insider and UBA concepts and application.
  • BS/MS in relevant experience in cyber security and/or industry-related certifications desired

Estimated Min Rate: $140000.00 Estimated Max Rate: $200000.00

What's In It For You?

We welcome you to be a part of one of the largest and legendary global staffing companies to meet your career aspirations. Yoh's network of client companies has been employing professionals like you for over 65 years in the U.S., UK and Canada. Join Yoh's extensive talent community, which will provide you with access to Yoh's vast network of opportunities and to this exclusive opportunity. Benefit eligibility is in accordance with applicable laws and client requirements. Benefits include:

  • Medical, Prescription, Dental & Vision Benefits (for employees working 20+ hours per week)
  • Health Savings Account (HSA) (for employees working 20+ hours per week)
  • Life & Disability Insurance (for employees working 20+ hours per week)
  • MetLife Voluntary Benefits Employee Assistance Program (EAP)
  • 401K Retirement Savings Plan
  • Direct Deposit & weekly epayroll
  • Referral Bonus Programs
  • Certification and training opportunities

Note: Any pay ranges displayed are estimations. Actual pay is determined by an applicant's experience, technical expertise, and other qualifications as listed in the job description. All qualified applicants are welcome to apply. Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
