Incident Response Coordinator

As part of the Global Cybersecurity Incident Management (GCIM) team you will coordinate containment, eradication and post-incident activities for critical cyber security incidents. You will play a key role in the Incident Response Team (IRT) overseeing, validating and documenting containment acting as a point of escalation for our Global Security Operations Center (GSOC). Following security incident containment & recovery you will be responsible for engaging with key stakeholders for any Root Cause Analysis (RCA) and post-incident activity, ensuring we have reduced the chances of incident recurrence and assessed the efficiency of our incident response techniques and procedures.

What Part Will You Play?
• Coordinate incident response in line with the corporate security incident response plan.
• Manage post-incident activity to include scheduling and chairing Post Incident Reviews (PIR), the documentation of Root Cause Analysis and the tracking of actions to prevent incident recurrence.
• Provides 24x7 on-call incident management support on rotation for critical security incidents.
• Stays up to date with new and emerging threats that can affect the organisation's information assets, third party software/solutions, IT configuration changes, and network/system.
• Provides executive level written communication during incident response for inquiries related to security incidents or assigned cases.
• Coordinate the remediation of findings from the organisation’s Bug Bounty Program working directly with whitehat researchers.
• Works closely with Risk Management teams to document identified risks and issues highlighted through post-incident or root cause analysis activities.
• Maintains a working knowledge of key data security frameworks and regulations such as PCI (Payment Card Industry)/Logical Security guidelines and models, HIPPA (Health Insurance Portability and Accountability Act), (GDPR) General Data Protection Regulation, PII (Personally Identifiable Information), NIST CSF (Cyber Security Framework).
• Collaborates with Legal and Privacy Offices throughout the company on critical data protection/security incidents.
• Participates in reviews and assessments to provide recommendations to enhance or improve the security posture of environments as part of post incident activities and lessons learned.
• Maintain and follow runbooks for day-to-day incident response activities in line with the corporate security incident response plan.

What Are We Looking For in This Role?

Minimum Qualifications
• Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field. Or relevant work experience in a related field.
• Typically Minimum 2 Years Relevant Experience with Incident Management or Incident Response
• Knowledge of network operations or engineering or system administration on Unix, Linux, MAC (Message Authentication Code), or Windows; common security operations, intrusion detection systems, Security Incident Event Management systems, Penetration Testing, Web Application assessment, Secure Coding practices, Cloud Technologies.

Preferred Qualifications
• ITIL V4
• Professional security certifications such as CompTIA Security+/ Cybersecurity Analyst+, or Systems Security Certified Practitioner (SSCP), or CISM(Certified Information Security Manager), or CISA(Certified-Information-Systems-Auditor), or GSEC (GIAC Security Essentials), or GCIH (GIAC Certified Incident Handler)
• Knowledge of industry standard security compliance programs PCI (Payment Card Industry), GDPR (General Data Protection Regulation), NIST Cyber Security Framework etc.)
• Cloud Knowledge or certifications such as Google Cloud Fundamental or AWS Foundations
• Experience working in Google Workspace and JIRA

What Are Our Desired Skills and Capabilities?
• Strong verbal and written communication skills.
• Demonstrated ability to effectively communicate ideas and persuade others to accomplish challenging goals and objectives.
• Ability to facilitate meetings and enable discussions that lead to resolution and communicate results.
• Skills / Knowledge - Developing professional expertise, applies company policies and procedures to resolve a variety of issues.
• Job Complexity - Works on problems of moderate scope where analysis of situations or data requires a review of a variety of factors. Exercises judgement within defined procedures and practices to determine appropriate action. Builds productive internal/external working relationships.
• Supervision - Normally receives general instructions on routine work, detailed instructions on new projects or assignments.
• Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them.
• Incident Response - Knowledge and skills to contribute to all phases of Incident Response.

Apply tot his job