Job Summary:
We are seeking a Senior Specialist, Cyber Incident Management to lead critical aspects of our security operations and incident response functions. This role demands a proactive individual capable of hands-on investigation and response, while also providing expert guidance and driving the maturity of our DFIR capabilities.
Key Responsibilities:
- Act as a Senior SME for the Cyber Incident Management team, contributing to day-to-day security operations activities.
- Provide expert guidance and mentorship to Cyber Incident Management Specialists.
- Conduct efficient and thorough investigations of security alerts, events, and incidents.
- Drive the continuous fine-tuning and optimization of security use cases within the security solutions.
- Take charge and lead incident response efforts during major security incidents.
- Play a key role in establishing and maturing comprehensive DFIR capabilities.
- Develop and refine incident response playbooks, Standard Operating Procedures (SOPs), and other critical operational documentation.
- Proactively develop and maintain comprehensive documentation for incident response activities.
- Define, track, and report on key metrics monthly to measure the effectiveness of security operations and incident response.
- Prepare detailed and clear incident reports for various stakeholders.
- Build a strong partnership with our Managed Security Service Provider (MSSP) for efficient alert escalation and collaboration.
- Provide advanced technical support and guidance to other IT & Cyber teams on security best practices, emerging threats, and incident prevention strategies.
Qualifications:
Mandatory:
- An undergraduate degree or diploma in computer science, information security, or a related technical discipline.
- 5+ years of progressive industry experience working in Cybersecurity operations, with a significant focus on Incident Response and Security Operations (SecOps) leadership or senior roles.
- Demonstrated expertise in leading and conducting complex security investigations and incident response efforts.
- Strong understanding of network and system security concepts, including TCP/IP, operating systems (Windows, Linux), common attack vectors, and defensive strategies.
- Proficiency in using a variety of security tools and technologies, including but not limited to SIEM, EDR, IDS/IPS, firewalls, email security gateways, and web proxies.
- Excellent analytical and problem-solving skills with a methodical approach to complex investigations.
- Strong attention to detail and the ability to work effectively and make sound decisions under pressure during critical incidents.
- Ability to work outside of regular business hours, including nights and weekends, to respond to security incidents.
- Excellent written and verbal communication skills, with the ability to articulate highly technical information clearly and concisely to diverse audiences.
- Strong interpersonal skills, with a proven ability to build rapport, influence, and collaborate effectively with diverse teams, external partners, and vendors.
- Advanced industry certification(s) such as GCIH, GCFA, ECIH, OSIR, BTL2, or equivalent.
Nice to have:
- Proven experience working directly in or closely with Managed Security Service Providers (MSSPs) at a senior or lead level.
- Demonstrated experience in developing and implementing Digital Forensics and Incident Response (DFIR) programs, including handling complex and large-scale incidents.
We offer a comprehensive Total Rewards package, including competitive benefits, access to virtual health care, a retirement and savings plan, and learning and development resources.
We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.