Incident Crisis Management Lead

Key Role:

Maintain responsibility for the management, supervision, and coordination of Cybersecurity incidents for clients. Lead significant or high-profile incidents, including validating and escalating incidents and coordinating response activities across client business groups. Provide rapid, independent decision making in stressful, fluid situations, including those that impact critical business systems. Serve as a liaison between the Security Operations Center and the impacted business and technical teams during an incident. Coordinate and direct efforts among Security Operations and technical team members throughout the incident response life cycle. Provide timely and relevant updates to appropriate executive, C-suite, and board stakeholders. This position requires travel up to 80% of the time.

Basic Qualifications:

-7+ years of experience with leading project delivery teams for private sector clients as a technical consultant

-4+ years of experience with Cybersecurity consulting

-4+ years of experience with incident response and security operations

-Ability to lead fast-paced delivery in challenging commercial environments and work with senior leaders to foster positive client relationships

-Ability to conduct after action reporting and provide relevant insights to guide improvements and adjustments to Cybersecurity response processes

-Ability to travel up to 80% of the time, as required

-BA or BS degree

Additional Qualifications:

-Experience with large-scale and complex incidents of all types, including APT, DDoS, insider, Web and mobile applications, and data exfiltration

-Experience with providing strategic guidance on and tracking of tools visibility and capability gaps affecting the information security posture

-Experience with testing and updating incident response plans and processes to address existing and emerging threats

-Experience with forensic analysis and big data concepts

-Experience with key Cybersecurity operations-related tools, including SIEM and TIP

-Ability to build excellent relationships with technology vendors and develop mutually beneficial partnerships

-Ability to provide clients with timely reports and updates

-Possession of excellent oral and written communication skills with multiple stakeholders as a liaison between the Security Operations Center and business and technical teams during an incident

-GCIH, GCIA, GCFA, or GCFE Certification

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

