Incident Response Lead

Company Profile:

An industry-leading, global organization, with presence in 100+ countries, and more than 10000 employees, and digital challenges across IT, own digital products and OT.

Role details:

As the Incident Response lead, you will be responsible for managing high impact Information security events and incidents at a global scale.

You’ll bring your leadership and management skills to play a key role in driving everything IR, building and maintaining stakeholder relationships both inside and outside of the organization, coordinating and managing the incident management process and response activities, as well as looking how to improve and streamlining existing processes.

Part of the global CISO team, you are expected to actively participate in collaboration initiatives and work with other peers inside and outside of the organization (including from government institutions and private sector) to further develop the understanding of the global landscape, and practically enhance the IR domain in the organization, translate learnings and outputs in enhancements and incident response playbooks, and overall processes and plans within the organization for better, prompt incident impact identification and proper response.

More information and full details available – reach out for a full conversation and insight on the role, the team, the organization and overall environment

Your responsibilities include:

• Leading and managing the incident response strategy, response plans, capabilities, activities, and overall improvements.
• Serving as incident lead and driving all security incidents, prioritizing and coordinating response and facilitating info sharing throughout the organization.
• Serving as liaison between technical and business teams, helping in minimize the impact of incidents, maintaining the business continuity and operations.
• Operating as IR handler, directing tech teams and other stakeholder teams during an incident, to include incident containment, evidence gathering and preservation, assisting in the identification of remedial steps and actions.
• Providing timely and detailed post-mortem reports, detailing root cause analysis and recommendations to relevant stakeholders / executive leads and supporters. Utilizing these to drive the continuous improvement of processes and procedures.
• Advising on improving the IR strategies at the tactical, operational, and strategic level.
• Developing and maintaining comprehensive IR playbooks, outlining procedures, best practices, and escalation protocols.
• Identifying and assessing incidents and the risk they pose to the organization. And managing external relationships for specific incidents, as well bringing forward the proper security severity by explaining the risk exposure and its consequences to non-technical stakeholders.
• Coordinating with stakeholders to share information on incidents, response actions, and mitigation activities.
• Ensuring the effectiveness and efficiency of the IR services and processes and remaining on top of changing industry trends, emerging threats, and best practices.
• Overall driving the competencies and capabilities within the organization in regards to the IR field.

Requirements for the Incident Response Lead role:

• Degree or equivalent technical training in IT, information security, or a related field.
• Five years of professional experience in information security, incident response, or similar experience in large companies  / corporate environments.
• Relevant experience in IR, security monitoring, digital forensics.
• Experience with managing multiple incidents and effectively prioritizing resources, including cloud environments exposure.
• Experience dealing with management/C-level/Board communication – e.g. identifying, managing, and producing executive-level incident updates, reports, and recommendations to guide decision-making and risk management.
• Security certifications like GCIH , CISSP, CISM, CCIM, CSIH, or other specific information security or threat management certifications and experience working with frameworks like MITRE ATT&CK/D3FEND)and security-related legal and regulatory requirements (ISO 27001, NIST etc.).
• Experience with data analysis, performing complex analysis, and investigation of issues, and most importantly understanding their business impact for a risk based prioritization and remediation/mitigation advice for action to stakeholders involved.
• Experience in starting or improving relations within the organization, with IT, and with business partners to coordinate activities and professional communication.
• Experience with data analysis, performing complex analysis, and investigation of issues, and most importantly understanding their business impact for a risk based prioritization and remediation/mitigation advice for action to stakeholders involved.
• Responsive and able to take responsibility for actions & deliverables.
• Strong problem-solving skills and leadership abilities, with good interpersonal skills to build relationships and communicate findings professionally, with fluency in written and spoken English.

 Get in touch to discuss further and share more details on this or other relevant opportunities (including discussing your career in information security in general!).

Base Cyber Security helps organizations build knowledge and capabilities in information security. Supporting organizations putting together strong infosec teams or finding the right cyber security experts for their needs is a big part of that.

We work with security professionals globally for information and cyber security roles and projects across all industries in Europe. Whether you are starting your career in information security, need advice for your next step, deciding on how to build knowledge or choose a growth area in security to continue with, let’s have a conversation!

If you have not yet registered with the Base Cyber Security network, be sure to do so! Send us your details at [email protected] & follow us on Twitter @BaseCyberSec to stay up to date with our activities and relevant info.

By registering with the security community and / or showing interest in a specific role, project or team, you agree with sharing your personal information with Base Cyber Security, which will in turn collect, use and process this in an ethical, private and compliant (including under the GDPR where applicable) manner.