Lead Analyst - Enterprise Incident Management
JOIN US AS A LEAD ANALYT - ENTERPRISE INCIDENT MANAGEMENTSimilar industry titles and keywords: Crisis Response Coordinator, Cyber Security Incident Manager, Incident Handler, cyber security, information security, SOCSUMMARYSupport cyber-crisis management, mitigation and coordination of enterprise level triage activities in responding to potential high volume, impact events in accordance with established policies and processes. The Lead Analyst - Enterprise Incident Manager (EIM) role is accountable for end to end management of cyber, privacy and data security related incident and crisis management functions, which include identification, analysis, mitigation and post-incident activity. The Lead Analyst - Enterprise Incident Management will be considered to be an initial incident responder and integrated into the 24/7 Cyber Security Fusion Center. The incident handler will also be responsible for providing timely updates to direct leadership and senior leaders. Additional duties will include continuous testing processes including development and execution of enterprise tabletop and wargame exercises, EIM process optimization and routine case work support. KEY RESPONSIBILITIES
- First responder and manager of event, incident or crisis.
- Provides case management based on in place Enterprise Incident Management processes
- Facilitate all incident phases of identification, containment, remediation and post incident activity
- Deliver key communications to Leadership, Incident Core team and Senior Leadership
- Effectively communicate incident specifics to downstream partner groups to achieve timely incident containment and mitigation is achieved
- Operate with a sense of urgency and focus during events of high impact and volume
- Recommend effective process changes to enhance and optimize process and procedures.
- Handle high and critical severity incidents as described in the EIM process playbook.
- Perform critical analysis of escalations from event triage to incident escalation.
- Coordinate with Threat Ops and Threat Intel groups to resolve high or critical severity level incidents.
- Leads EIM process improvement and cyber crisis management testing activities
- 7+ years of information security experience, focus and expertise in incident and crisis management
- BA/BS in Engineering, Computer Science, Information Security, or Information Systems
- Threat and Incident management experience in triage, containment, escalation and mitigation
- Solid understanding and experience using event escalation and reporting procedures
- Experience supporting Network, System and Application related Investigations
- Understanding TCP/IP communications & knowledge of how common protocols and applications work at the network level in complex multi-tiered ecommerce application ecosystem
- Demonstrated ability to adapt and learn in a highly complex IT environment supporting multiple customers, capabilities and product channels
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
- Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
- Strong oral and written communication skills
- Experience working in a 24/7 SOC environment
- Demonstrated experience in a cyber crisis management
- Knowledge and experience in advanced cyber-security approaches and technologies
- Experience in effective communication with executive leadership
- Experience in managing high impact, highly visible cyber related incidents or crisis
- Advanced critical analysis and abilities in bridging technical to business communications
- One or more certifications including, Security+, CEH, GCIA, GCIH, CISSP or similar