Incident Response Manager

Summary

Join Vultr's Security Operations team as the Manager of Incident Response! You will lead the incident management and response team, executing response strategies, coordinating with cross-functional teams, and improving processes. This high-visibility role involves collaborating with international partners and government agencies to combat cyber threats. You'll be responsible for team development, maintaining incident response tools, and ensuring compliance with industry standards. Vultr offers a 100% remote work environment, competitive compensation, and excellent benefits.

Requirements

• Hold a Bachelor’s degree in computer science, information security, or a related field
• Have at least 7 years of experience in information security, with 3 years in an incident response or security operations role
• Possess experience in managing incident response efforts within a medium to large organization
• Demonstrate a proven ability to handle moderate-to-high-severity incidents and contribute to their resolution
• Hold relevant industry certifications such as GCIH (GIAC Certified Incident Handler), GCFA (GIAC Certified Forensic Analyst), or similar
• Have extensive experience in managing and responding to complex security incidents across various environments, including cloud and on-premises infrastructures
• Be proficient in Linux and Windows operating systems, with the ability to identify, investigate, and respond to security breaches within these systems
• Possess hands-on expertise with automation and scripting languages, such as Python, Bash, and PowerShell, to automate incident detection, response workflows, and forensic data collection
• Have in-depth knowledge of security monitoring tools, including platforms for real-time incident detection and forensic analysis
• Possess a strong understanding of network security technologies, including firewalls, VPNs, intrusion detection/prevention systems, and packet capture/analysis tools, to track and mitigate threat vectors
• Have advanced forensic investigation skills using tools for system and memory analysis
• Possess experience with orchestration, automation, and response tools to streamline and enhance incident response processes
• Have knowledge of threat intelligence frameworks to improve detection and response strategies
• Possess familiarity with malware analysis techniques and tools to understand threats, reverse engineer attacks, and develop defense strategies
• Have experience in conducting tabletop exercises and incident simulations to assess and improve incident response capabilities
• Possess strong leadership and team-building skills, with the ability to manage and mentor junior team members
• Have effective communication skills to convey security issues to both technical and non-technical audiences
• Be able to handle multiple tasks and work in a dynamic, fast-paced environment
• Have up-to-date knowledge of cybersecurity threats and mitigation strategies
• Have experience working with regulatory compliance requirements
• Be available to support 24/7 incident response efforts when necessary

Responsibilities

• Manage and coordinate the incident response team in identifying, handling, and mitigating security incidents
• Execute incident response plans, playbooks, and standard operating procedures, ensuring they are adhered to during incidents
• Conduct investigations and analyze security incidents to identify root cause and recommend corrective actions
• Collaborate with internal teams to facilitate communication and coordination during incident response efforts
• Monitor security alerts to ensure timely response to threats and escalate when necessary
• Participate in post-incident reviews to gather lessons learned and recommend improvements to the incident response process
• Train and support team members to ensure they follow best practices in incident response
• Ensure compliance with regulatory requirements and maintain awareness of emerging threats and trends in cybersecurity
• Contribute to the development of the incident response team, setting expectations and helping to achieve incident response objectives
• Assist in evaluating and recommending tools and technologies that enhance the incident response team’s capabilities

Benefits

• 100% remote work environment
• 401(k) plan that matches 100% up to 4% with immediate vesting
• Professional Development Reimbursement of $2,500 each year
• 11 Holidays + Paid Time Off Accrual + Rollover Plan + take off your birthday!
• Increased PTO at 3 year anniversary + 1 month sabbatical at 5 year anniversary + Anniversary Bonus each year
• $500 first year remote office setup + $400 each year following for new equipment
• Monthly internet reimbursement up to $75
• $50 per month for a gym membership
• Company-wide virtual get together