Incident Response, Client Incident Commander - Secureworks - Atlanta, GA
Atlanta, GeorgiaJob ID R73061 Date posted Jul. 05, 2019
Incident Response, Client Incident Commander
Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected world. Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. We see 250 billion events every day across 4400 clients in more than 55 countries, and our solutions work across all the layers of a client’s security environment, including 330 different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company’s leadership in the cyber security industry.
Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
The IR Services Incident Commander is a senior level position coordinating with clients, Secureworks IR team members, and across the company on the business and risk mitigation aspects of incident response, and developing customized remediation plans.
This position requires up to 60% travel with possible extended assignments for large incidents.
- Serve as a trusted advisor and subject matter expert to clients and guide client senior leadership through managing business impacts and risk mitigation associated with a cyber incident or data breach ensuring client satisfaction
- Act as the incident commander in specific engagements and lead company remediation functions coordinating with IR and Threat Intelligence delivery teams to handle inquiries, briefings, and client facing status reports in a variety of formats.
- Develop incident response containment plans and remediation strategies; present strategic and tactical plans both orally and in written reports for clients and all involved third parties.
- Execute and enhance incident command and remediation workflows, ensuring that defined standards are suitable to support multiple IR service delivery teams for cyber incidents ranging from single system compromises, full network intrusions, and crisis events.
- Participate in client outreach and service delivery checkpoint efforts for enterprise tier and incident management retainer clients.
- Participate in the technical peer review process for cyber incident response and threat hunting engagement deliverables.
- Work with client prospects to help them understand the value of incident response.
- Publish and speak on behalf of the incident response practice in blog posts, white papers, and conference presentations.
- Minimum of 10 years of experience in cybersecurity operations
- Minimum of 3 years managing an Incident Response Team
- Minimum of one or more of the following certifications: GREM, GCFA, GCFE, CISA or CISSP
- Strong technical communication skills (oral and written) and client demeanor, including experience briefing executive management and a desire to work with clients to solve complex cybersecurity events and crisis situations
- Strong understanding of cyber threat actor intrusion techniques and the ability to create customized strategic and tactical remediation plans for compromised organizations.
- International data privacy and cybersecurity control regulatory framework knowledge and experience
- Former CISO or senior security leader in a business
- Former law enforcement with expertise in large cyber crime cases or former military with experience managing military cyber defense capabilities
- Experience managing and conducting cyber incident response investigations for nation state threat actors, organized cyber crime, and hacktivists.
- Proven track record in developing/cultivating IR business and client relationships
- Professional degree relevant to technology or cybersecurity
Location – Atlanta, GA, USA with travel up to 60%
Secureworks (A Dell Technologies Company) is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Secureworks here.