Manager / Deputy Manager (Cybersecurity Incident Management)

You will be part of a team responsible for leading and managing the response to cybersecurity incidents, ensuring that threats are quickly identified, analyzed, and mitigated. This role requires a combination of technical expertise, strong communication skills and the ability to lead a team in high-pressure situations. The incident Manager will work closely with various teams to protect the organization’s assets and maintain a robust security posture.

Key responsibilities include:

1. Incident Response Management:
   • Lead and coordinate the response to cybersecurity incidents from identification through resolution.
   • Ensure timely detection, containment, eradication, and recovery from security incidents
2. Incident Analysis and Investigation:
   • Perform thorough analysis and investigation of security incidents to determine root cause, impact, and scope.
   • Utilize various forensic tools and methodologies to collect and analyze evidence.
3. Coordination and Communication:
   • Serve as the primary point of contact for cybersecurity incidents, coordinating with internal teams, external partners, and stakeholders.
   • Communicate incident status, impact, and remediation efforts to executive leadership and relevant parties.
4. Documentation and Reporting:
   • Maintain detailed documentation of incidents, including timelines, actions taken, and lessons learned.
   • Produce comprehensive incident reports and metrics for internal and external reporting.
5. Process Improvement:
   • Develop, refine, and implement incident response processes and playbooks.
   • Conduct post-incident reviews and lessons learned sessions to identify areas for improvement.
6. Training:
   • Conduct drills and TTX to train incident response team members to response to cyber incident.
7. Threat Intelligence Integration:
   • Leverage threat intelligence to proactively identify potential threats and vulnerabilities.
   • Integrate threat intelligence into incident response processes.
8. Compliance and Standards:
   • Ensure incident response activities comply with relevant regulations, standards, and industry best practices.

Requirements:

• Degree in Computer Engineering, Computer Science, Cybersecurity, Information Security, Electrical & Electronics Engineering; or equivalent
• At least 5 years of cybersecurity incident response experience in IT environments and 2 years in OT/ICS environments
• Strong knowledge of cybersecurity principles, threats, and attack vectors
• Proficiency in forensic analysis, malware analysis, and incident response tools
• Experience with SIEM, IDS/IPS, and other security technologies
• Those with GCIH, GICSP, GRID, CISSP, CISM certification would have an advantage
• Strong leadership, communication, interpersonal, analytical and problem-solving skills in a fast-moving environment