Incident Response Manager

Summary

Join Centric Software's security operations team as an Incident Response Manager. Lead and manage major security incidents, coordinating resources and communication for effective resolution. Oversee incident detection, triage, and the development of incident response strategies. Conduct root cause analysis and implement preventative measures. Collaborate with stakeholders, providing expert advice during high-pressure situations. Ensure accurate incident documentation and reporting. Lead training efforts on incident response procedures and cybersecurity awareness. Manage third-party vendors and tools. Maintain compliance with legal and regulatory obligations. This role requires a minimum of 7+ years of experience in incident response and specific certifications.

Requirements

• Minimum of 7+ years with main focus being Incident Response
• Has the ability to hit the ground running
• Deep understanding of security incident response methodologies, threat intelligence, and common cyber-attack vectors (e.g., ransomware, phishing, DDoS, malware, etc.)
• Strong verbal and written communication skills with the ability to articulate complex technical issues to non-technical stakeholders
• Proven ability to manage customer relationships, especially during critical incidents, with a focus on customer satisfaction and resolution
• Familiarity with security technologies and tools, including SIEM, IDS/IPS, firewalls, endpoint protection, and forensic analysis tools
• Ability to maintain composure and leadership under pressure, ensuring timely and effective incident resolution
• Certifications such as CISSP, CISM, CISA, or GIAC (GCIH, GCFA) are required

Responsibilities

• Lead and Manage Incident Response (IR): Take charge of major security incidents, coordinating resources, teams, and communication to resolve security breaches in an effective and timely manner
• Incident Detection & Triage: Oversee the identification and triage of security events, ensuring proper classification and prioritization of incidents based on severity and potential impact
• Develop and Implement IR Strategies: Continuously improve and refine the incident response process, incorporating lessons learned from previous incidents and industry best practices
• Root Cause Analysis: Conduct thorough post-incident analysis to determine the root cause of security incidents and implement measures to prevent recurrence
• Digital Forensic Expertise: Hands-on experience with forensic tools and methodologies for collecting, preserving, analyzing, and reporting on digital evidence
• Collaboration & Communication: Maintain clear communication with both technical and non-technical stakeholders, ensuring senior leadership, clients, and partners are informed throughout the incident response process
• Incident Reporting & Documentation: Ensure that all incidents are documented accurately, and reports are generated for stakeholders, including detailed timelines, impact assessments, and lessons learned
• Training & Awareness: Lead training efforts for internal teams and key stakeholders on incident response procedures, cybersecurity awareness, and proactive measures to reduce the likelihood of security incidents
• Customer Engagement: Work directly with customers, especially in high-stakes situations, providing guidance, support, and updates regarding incident response and resolution
• Vendor & Tool Management: Oversee and manage third-party vendors and tools utilized during the incident response process to ensure efficiency and cost-effectiveness
• Compliance & Regulatory Requirements: Ensure that all incident response efforts comply with applicable legal, regulatory, and contractual obligations