Principal Cyber Defense Incident Response Coordinator (Remote Work Option)

Open to remote work except in South Dakota, Vermont and West Virginia.

The annual base salary for this position ranges from $138,400.00 in our lowest geographic market to $327,200.00 in our highest geographic market. Actual salary will vary based on a candidate's location, qualifications, skills and experience.

Information about benefits can be found here.
 

WHO YOU’LL WORK WITH

This role reports into the Director, Cyber Security Incident Response team within Corporate Information Security.

WHO WE ARE LOOKING FOR

We’re looking for a Principal Cyber Defense Incident Response Coordinator who will be responsible for the management of resources and status reporting pertaining to security incidents. Successful Principal Cyber Defense Incident Response Coordinators must be detail oriented, have exceptional organizational, written and verbal communication skills, adept at remain calm and making good decisions under pressure, and a drive to create a standardized incident management practice; a composed, process oriented, people person.

Qualifications:

• Bachelor’s degree or equivalent combination of education, experience or training
• Minimum of 8 years of security monitoring experience and incident response activities; preferably within a professional services firm or similar environment
• Minimum of 5 years as an incident manager or incident handler.
• Solid knowledge of information security principles and practice
• Strong knowledge of incident response and crisis management with the ability to identify both tactical and strategic solutions using strong verbal and written communication skill
• Proven track record of creating an incident management framework and processes
• Comfortable with interfacing with other internal or external organizations regarding security policy and standards violations, security controls failure and incident response situation
• Understanding of network, desktop and server technologies, including experience with network intrusion methods, network containment, segregation techniques and technologies such as Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS)
• The ability to learn and apply new concepts quick
• Resolves problems independently and/or through a support team
• Knowledge of ITIL best practices and process improvements
• Ability to balance and prioritize work
• Must be trustworthy in keeping sensitive data confidential

WHAT YOU’LL WORK ON

If this is you, you’ll be working with the Cybersecurity Incident Response team and performing these key tasks:

• Responsible for the management of resources and status reporting pertaining to cyber security incidents
• Define the scope, framework and procedures to facilitate security incident management
• Drive to create a standardized incident management practice
• Look for opportunities for automation and work with business and technology teams to improve security company wide.
• Create after action reports and facilitate the appropriate dissemination of the report to senior leadership.