Senior Manager, Global Incident Response

Experian

πŸ“Remote - United States

Job highlights

Summary

Join Experian's Global Security Office as a Global Incident Response Senior Manager! Oversee the response and mitigation of cybersecurity incidents, managing a growing team of advanced responders. Develop and enhance incident response processes, collaborating with various teams to ensure effective containment and remediation. This technical management role requires strong leadership skills and expertise in incident response methodologies. You will report to the CFC Senior Director of Incident Management and Security Operations. The position offers a competitive compensation package and flexible work arrangements.

Requirements

  • Bachelor's Degree in Computer Science, Computer Engineering, Information Systems, Information Security, or a related field
  • 8+ years of experience working within a Security Operations Center or Incident Response Team, or in law enforcement and/or the military
  • 5+ years of information security experience working in a Cyber Incident Response Team or Security Operations Center
  • 3+ years of leadership experience managing the day-to-day operations of a Cyber Incident Response Team
  • Demonstrated working knowledge of the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks
  • Demonstrated knowledge of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs)
  • Maintain a strong understanding of common Operating Systems (Windows, Linux, Mac OS), Networking (Firewalls, Proxies, NetFlow, etc.), Cloud Infrastructure, and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls)
  • Review and interpret device and application logs from a variety of sources (e.g., Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures) to identify root cause and determine next steps for containment, eradication, and recovery
  • Exhibit skills using common Incident Response and Security Monitoring applications such as SIEM (Splunk), EDR (FireEye HX, CrowdStrike Falcon, McAfee mVision EDR), WAF, IPS
  • Hold two or more professional certifications related to Digital Forensics or Incident Response (e.g., GCIH, CEH, GCFE, GCFA, CFCE)

Responsibilities

  • Oversee the response, containment, escalation, analysis, and mitigation of cybersecurity incidents
  • Manage a new, growing team of specialized, advanced responders
  • Be responsible for the daily operations, management, mentorship, and development of the global Advanced Response team
  • Develop and grow the Advanced Response team's processes, capabilities, and overarching strategy
  • Work with end-users, information security stakeholders, technical support teams, and management while directly managing critical response workstreams
  • Develop and maintain relevant playbooks and operational processes
  • Orchestrate analytical workstreams across teams for matters escalated to it and hold responsibility for reporting/representing the CFC's overall understanding of the timeline of attacker activity
  • Ensure successful conclusion of cybersecurity incidents according to the processes and procedures within Experian's Incident Response Plan and associated playbooks
  • Escalate severe incidents according to Experian's Incident Response Plan
  • Support the development/upskilling of lower-level analysts in related CFC tiers through mentorship, training, and process development

Preferred Qualifications

Information security management certifications (CISSP, CISM)

Benefits

  • Great compensation package and bonus plan
  • Core benefits including full medical, dental, vision, and matching 401K
  • Flexible work environment, ability to work remotely, hybrid, or in-office
  • Flexible time off, including volunteer time off, vacation, sick, and 12 paid holidays
