Senior Manager - CSIRT

Job Title: Senior Manager - CSIRT

Company: AISIN World Corp. of America

Department: DX, Infrastructure & Security

Location: Northville, MI

Position Responsibilities

The incumbent is expected to perform the following functions that the company has determined are essential to this position:

• Lead the investigation and response to security incidents, including data breaches and cyber-attacks.
  • Coordinate with global security teams to ensure a unified response to incidents as required.
  • Contain threats and remediate the incident.
  • Perform digital forensics to uncover the source and impact of cyber incidents.
  • Analyze cause of incidents and support counter measure planning.
  • Collect and preserve evidence for potential legal proceedings.
  • Monitor and review the incident status to determine classification and severity level.
  • Generate a final report with lessons learned and disseminate to proper authorities.
• Conduct thorough analysis of security threats and vulnerabilities (e.g. Risky sign-ins, External, etc.).
• Develop and maintain threat intelligence to anticipate and mitigate potential risks.
• Maintain and improve the cybersecurity incident response plan.
• Continuously review, test and enforce cybersecurity policies and procedures including the corporate security guidelines, rules and regulations, etc.
• Ensure compliance with internal \ external cybersecurity audits, surveys, regulations and standards.
• Collaborate with the SOC (Uses Microsoft Sentinel based dashboard) team to conduct regular risk assessments to identify and address security vulnerabilities and suggest countermeasures.
• Conduct table-top exercises to ensure incident readiness.
• Implement risk mitigation strategies to protect organizational assets and prevent incident recurrence.
• Lead and mentor the regional team members having cybersecurity responsibilities.
• Guide regional infrastructure operations team members on matters of cybersecurity.
• Provide training and development opportunities to enhance team capabilities.
• Collaborate with other departments and stakeholders to communicate threats and ensure comprehensive security measures are designed and implemented properly.
• Assist with the implementation and operations of corporate security related tools.
• Various oversight \ consulting activities for security related tools, OS, etc.
  • Product (e.g. Endpoint\Server Security, Email Security, etc.) MACD policies, users, groups, computers.
  • Microsoft Office security configurations (e.g. Intune, Teams, and Exchange Online Protection).
  • Configuration of Microsoft Enterprise Applications, Conditional Access, Multi-Factor Authentication.
  • MACD configuration of Active Directory users, groups, and computers from Active Directory.
  • MACD configuration of Broadcom Web Security.
  • Report, investigate and mitigate malicious activity to stakeholders.
  • Complete break/fix tickets involving web site access, email quarantine, and program execution.
  • Complete vTicket (Internal app) instructions involving blocking domains and product vulnerabilities.
  • Liquid Files MACD users and profiles.
  • Nessus Tenable (MACD, Reports, etc.) to evaluate internal and external vulnerabilities

Required Skills and Abilities

Essential Skills and Experience:

• 10+ years’ experience working in a cyber-security incident response team.
• Strong knowledge of network security, firewalls, VPNs, IDS/IPS, and encryption.
• Knowledge of various operating systems (Windows, Linux).
• Proficiency in cyber security frameworks and standards (e.g., NIST, ISO 27001).
• Proficiency in threat modeling and risk assessment.
• Effective analytical and problem-solving skills.
• Highly organized and able to prioritize tasks and maintain a high productivity level in high stress situations. 
• Self-starter who can execute tasks with minimal oversight. 
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate technical concepts to non-technical stakeholders and business leaders. 

Beneficial Skills and Experience

• Experience working in a large, Regional \ Global, organization maintaining multiple sites. 
• Knowledge of automotive manufacturing business a plus. 
• Commitment to staying updated with the latest cyber security trends and threats.

Education/Training/Certifications

• Bachelor’s degree in IT related field.  Master’s degree a plus. Equivalent experience will be considered.    
• Security related (e.g. CISSP, CEH, GCIH, etc.) certification(s) required.

Travel Requirements

• Approximately 30 %
• Must be willing and available to travel to such locations and with such frequency as is necessary and desirable to meet business needs. 

Work Environment Requirements

With reasonable accommodation:

• Must be able to operate a personal computer, telephone, and other office equipment.
• Must perform job duties onsite, when necessary, except those duties that are customarily or by their nature performed offsite (for example, offsite customer visits).
• Must be able to work effectively in a fast-paced environment.
• Must be able to work on multiple assignments at once, and complete assignments within deadline and budget (if applicable) with satisfactory quality.
• Must be able to operate as an effective team member.
• Must be committed to a high standard of safety and be willing and able to comply with all safety laws and all company safety policies.

Attendance/Work Hour Requirements

• Must maintain an acceptable attendance record.
• Must be willing and available to work weekends and holidays as necessary and desirable to meet business needs.