Cybersecurity Incident Manager

We are looking for a seasoned, detail-oriented Security Incident Manager to join our security team. The Cybersecurity Incident Manager is a senior role responsible for managing, documenting and communicating enterprise-level cybersecurity incidents. This crucial role involves the careful documentation and management of security incidents, ensuring our response is thorough and aligned with compliance and regulatory requirements.The Security Incident Manager will act as a key liaison between the central Security Operations Center (SOC) and internal stakeholders, facilitating clear communication with senior leadership and driving incident resolution. This individual will drive teams to ensure timely detection, containment, eradication, and recovery from cyber threats while minimizing operational disruptions.

Your Impact

Incident Response Leadership

• Lead all phases of incident response, including detection, analysis, containment, eradication, recovery and communication.
• Act as the primary decision-maker during cybersecurity incidents, coordinating efforts across technical and business teams.
• Ensure adherence to the organization's incident response framework and regulatory requirements.

2.Strategic Communication

• Serve as the main point of contact for incident updates to executive leadership and stakeholders.
• Provide detailed, actionable reports during and after incidents, including root cause analysis and mitigation strategies.

3.Collaboration and Coordination

• Collaborate with Corporate CSIRT, Incident Command, Cyber legal, IT, risk management, Data Protection and other departments to ensure a unified response.
• Engage with third-party vendors, Managed Security Service Providers (MSSPs), and law enforcement when necessary.

4.Preparation and Readiness

• Develop, maintain, and test incident response plans, playbooks, and escalation procedures.
• Conduct regular tabletop exercises and simulations to train and prepare teams.
• Oversee the generation of post-incident reports and ensure lessons learned are incorporated into future planning.
• Recommend security enhancements to prevent recurrence of incidents.

6.Compliance and Reporting

• Ensure compliance with industry regulations and organizational policies during incident response.
• Stay updated on emerging threats and trends in cybersecurity to improve response capabilities.

Minimum Qualifications

• At least 8+ years of experience in cybersecurity
• Demonstrated experience managing large-scale cybersecurity incidents.
• Strong understanding of regulatory requirements and industry standards (e.g., CSL, DSL, PIPL, GDPR, HIPAA, PCI-DSS).
• Excellent written and verbal communication abilities in English

Preferred Qualifications

• 3+ years in an incident response or leadership role.
• Certifications such as CISSP, CISM, GIAC Certified Incident Handler (GCIH), Security+, or Certified Information Systems Auditor (CISA) preferred.
• Exceptional leadership and decision-making under pressure.
• Strong analytical and problem-solving skills.
• Collaborative mindset with an ability to manage cross-functional teams.
• Ability to coordinate 24 x 7 cross geographic incidents.

#WeAreCisco

#WeAreCisco where every individual brings their unique skills and perspectives together to pursue our purpose of powering an inclusive future for all.

Our passion is connection—we celebrate our employees’ diverse set of backgrounds and focus on unlocking potential. Cisconians often experience one company, many careers where learning and development are encouraged and supported at every stage. Our technology, tools, and culture pioneered hybrid work trends, allowing all to not only give their best, but be their best.

We understand our outstanding opportunity to bring communities together and at the heart of that is our people. One-third of Cisconians collaborate in our 30 employee resource organizations, called Inclusive Communities, to connect, foster belonging, learn to be informed allies, and make a difference. Dedicated paid time off to volunteer—80 hours each year—allows us to give back to causes we are passionate about, and nearly 86% do!

Our purpose, driven by our people, is what makes us the worldwide leader in technology that powers the internet. Helping our customers reimagine their applications, secure their enterprise, transform their infrastructure, and meet their sustainability goals is what we do best. We ensure that every step we take is a step towards a more inclusive future for all. Take your next step and be you, with us!

Message to applicants applying to work in the U.S. and/or Canada:

When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. and/or Canada locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. or Canada hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process.

U.S. employees haveaccess to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings.

Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday (for non-exempt employees), plus a day off for their birthday. Non-Exempt new hires accrue up to 16 days ofvacation time off each year, at a rate of 4.92 hours per pay period. Exempt new hires participate in Cisco’s flexible Vacation Time Offpolicy, which does not place a defined limit on how much vacation time eligible employees may use, but is subject to availability and some business limitations. All new hires are eligible for Sick Time Off subject to Cisco’s Sick Time Off Policy and will have eighty (80) hours of sick time off provided on their hire date and on January 1st of each year thereafter. Up to 80 hours ofunused sick timewill be carried forwardfrom one calendar yearto the nextsuch that the maximum number of sick time hours an employee may have available is160 hours. Employees in Illinois have a unique time off program designed specifically with local requirements in mind. All employees also have access to paid time away to deal with critical or emergency issues. We offer additional paid time to volunteer and give back to the community.

Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco typically pays as follows:

.75% of incentive target for each 1% of revenue attainment up to 50% of quota;

1.5% of incentive target for each 1% of attainment between 50% and 75%;

1% of incentive target for each 1% of attainment between 75% and 100%; and once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.

For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.