Incident Response Manager

Summary

Join Centric Software's security operations team as an Incident Response Manager. Lead and manage incident response efforts across a global enterprise, mitigating and managing security incidents. Serve as a subject matter expert, coordinating resources and communication to resolve breaches effectively and timely. Develop and implement incident response strategies, conduct root cause analysis, and provide digital forensic expertise. Maintain clear communication with stakeholders, generate incident reports, and lead training efforts. Collaborate with customers and manage vendors to ensure compliance and efficiency.

Requirements

• Minimum of 7+ years with main focus being Incident Response
• Has the ability to hit the ground running
• Deep understanding of security incident response methodologies, threat intelligence, and common cyber-attack vectors (e.g., ransomware, phishing, DDoS, malware, etc.)
• Strong verbal and written communication skills with the ability to articulate complex technical issues to non-technical stakeholders
• Proven ability to manage customer relationships, especially during critical incidents, with a focus on customer satisfaction and resolution
• Familiarity with security technologies and tools, including SIEM, IDS/IPS, firewalls, endpoint protection, and forensic analysis tools
• Ability to maintain composure and leadership under pressure, ensuring timely and effective incident resolution
• Certifications such as CISSP, CISM, CISA, or GIAC (GCIH, GCFA) are required

Responsibilities

• Lead and Manage Incident Response (IR): Take charge of major security incidents, coordinating resources, teams, and communication to resolve security breaches in an effective and timely manner
• Incident Detection & Triage: Oversee the identification and triage of security events, ensuring proper classification and prioritization of incidents based on severity and potential impact
• Develop and Implement IR Strategies: Continuously improve and refine the incident response process, incorporating lessons learned from previous incidents and industry best practices
• Root Cause Analysis: Conduct thorough post-incident analysis to determine the root cause of security incidents and implement measures to prevent recurrence
• Digital Forensic Expertise: Hands-on experience with forensic tools and methodologies for collecting, preserving, analyzing, and reporting on digital evidence
• Collaboration & Communication: Maintain clear communication with both technical and non-technical stakeholders, ensuring senior leadership, clients, and partners are informed throughout the incident response process
• Incident Reporting & Documentation: Ensure that all incidents are documented accurately, and reports are generated for stakeholders, including detailed timelines, impact assessments, and lessons learned
• Training & Awareness: Lead training efforts for internal teams and key stakeholders on incident response procedures, cybersecurity awareness, and proactive measures to reduce the likelihood of security incidents
• Customer Engagement: Work directly with customers, especially in high-stakes situations, providing guidance, support, and updates regarding incident response and resolution
• Vendor & Tool Management: Oversee and manage third-party vendors and tools utilized during the incident response process to ensure efficiency and cost-effectiveness
• Compliance & Regulatory Requirements: Ensure that all incident response efforts comply with applicable legal, regulatory, and contractual obligations