Director Cybersecurity Incident & Breach Response


Washington DC


Job ID: EB-4061091637
Category: Technology
Location: Washington, DC

The Director, Cybersecurity Incident and Breach Response, is responsible for developing processes and supporting technologies for the execution of the responsibilities within the Cyber Incident and Data Breach Response functions, as well as acting as a liaison to other teams. This will include, but not be limited to, assisting with the development of programs for vulnerability assessments and management, MSSP vendor management, security monitoring, security metrics and reporting, and incident response readiness and management.

In this capacity, the Director, Cybersecurity Incident and Breach Response will:

• In support of our Continuity Management program, implement and manage the monitoring and incident handling program including the technologies, processes, training and documentation needed to ensure the organization can effectively detect and respond to security incidents
• Liaise with the Security Operations and Engineering team to ensure continuous 24x7x365 monitoring to establish response to security events, investigation of correlated security event feeds, and the appropriate triage and escalation in case of an identified security incident or data breach
• Mature and manage domain and email-based threat intelligence and threat analytic functions in order to provide related threat intelligence information for effective security operations and security incident response, focusing on events that are likely to lead to a compromise
• Oversee the Incident Response (IR) program, including documentation, awareness, exercises, and response through all phases of an incident to include post-incident documentation and coordination
• Support the operational IR or data breach response coordination in the event of an actual incident
• Act as liaison and point of entry with Information Technology (IT) when coordinating either security IR or operational disruption IR activities.

In addition, the Manager, Cybersecurity Incident and Breach Response will be expected to have experience with the following areas of responsibility:

• Experience managing security operations for IT infrastructure (Vulnerability Management Program, advanced incident response, cyber forensic investigation, endpoint security, EDR tool, and exercise development / execution);
• Significant expertise in Cyber Security Incident Response and experience in one or more areas of Cyber Security: Intrusion Detection and Mitigation, Network Defense, Network Traffic Analysis or Operating System Security, Forensics, Incident Response, Cyber Threat Hunting, or Malware Analysis and Reverse Engineering
• Knowledge of general attack stages, including footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, and covering tracks
• Familiarity with various malware categories, their characteristics, and network-based indicators of compromise
• Familiarity with networking vulnerabilities and exploit methods such as DDoS, XSS attacks, and SQL injection, and how to recognize attacks in progress
• Enterprise-level experience performing incident triage, analysis, response, and remediation for computer network intrusions, web application and server attacks, insider threats, and malware infections
• Ability to evaluate available information, identify information gaps, and recreate the incident timeline of event activity
• Experience working in a federated functional organization and influencing leadership and employees not in your direct management chain/scope of control
• Demonstrated ability to team across organizational boundaries and geographical locations to collaborate with and influence others
• Possess excellent communication skills, human relation skills, organizational skills and analytical skills as well as proven information security leadership experience in a medium-to-large organization.


• Thorough understanding of the latest security principles, techniques, and protocols
• Experience maintaining metrics and SLAs
• Detailed technical knowledge of network, database, and/or operating system security
• Knowledge of NIST 800-62 and other industry regulatory standards as they pertain to reporting incidents
• Hands-on experience in security systems, including vulnerability management, identity and access management, security risk assessments, application testing, etc.
• Experience with network security, networking technologies, and network monitoring tools
• Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect, change and release management
• Experience with secure architecture principles, secure SDLC, security system integration and configurations, and troubleshooting.


• Minimum of 12 years of experience with cybersecurity or information technology (preferred)
• At least 10 years of experience in an Incident Response capacity (SOC/NOC/watch floor, incident response, threat hunting team, forensic team, etc.) (preferred)
• BS degree in Computer Science or related field (required).

BrainWorks is a premier executive search firm that delivers superior talent to drive business performance. Our consultants are experts in their practice areas, which include Financial Technology; Cybersecurity; Consumer Products, CRM, Direct/Database Marketing and Customer Sciences/Advanced Analytics; Accounting and Finance; Private Equity and Portfolio Companies; Digital Marketing and eCommerce; and Consumer Insights and Market Research.

Our Financial Technology Practice has deep expertise understanding how technology executives drive business performance. We have placed mid to senior level talent including CIOs, CTOs, and leaders in Development, Infrastructure, Data Management and E-Commerce.

BrainWorks prides itself on quality, speed and GUARANTEED RESULTS, delivered through our unique QUASAR approach. When you partner with BrainWorks, your company will receive intelligence and industry expertise from consultants who are trustworthy, caring and passionate about your business needs. https://brainworksinc.com.

