Manager / Deputy Manager (Cybersecurity Incident Management)

You will be part of a team responsible for leading and managing the response to cybersecurity incidents, ensuring that threats are quickly identified, analyzed, and mitigated. This role requires a combination of technical expertise, strong communication skills and the ability to lead a team in high-pressure situations. The incident Manager will work closely with various teams to protect the organization’s assets and maintain a robust security posture.

Key responsibilities include:

1. Incident Response Management:
   
   
   
   • Lead and coordinate the response to cybersecurity incidents from identification through resolution.
   
   
   • Ensure timely detection, containment, eradication, and recovery from security incidents
   
   
   
   


2. Incident Analysis and Investigation:
   
   
   
   • Perform thorough analysis and investigation of security incidents to determine root cause, impact, and scope.
   
   
   • Utilize various forensic tools and methodologies to collect and analyze evidence.
   
   
   
   


3. Coordination and Communication:
   
   
   
   • Serve as the primary point of contact for cybersecurity incidents, coordinating with internal teams, external partners, and stakeholders.
   
   
   • Communicate incident status, impact, and remediation efforts to executive leadership and relevant parties.
   
   
   
   


4. Documentation and Reporting:
   
   
   
   • Maintain detailed documentation of incidents, including timelines, actions taken, and lessons learned.
   
   
   • Produce comprehensive incident reports and metrics for internal and external reporting.
   
   
   
   


5. Process Improvement:
   
   
   
   • Develop, refine, and implement incident response processes and playbooks.
   
   
   • Conduct post-incident reviews and lessons learned sessions to identify areas for improvement.
   
   
   
   


6. Training:
   
   
   
   • Conduct drills and TTX to train incident response team members to response to cyber incident.
   
   
   
   


7. Threat Intelligence Integration:
   
   
   
   • Leverage threat intelligence to proactively identify potential threats and vulnerabilities.
   
   
   • Integrate threat intelligence into incident response processes.
   
   
   
   


8. Compliance and Standards:
   
   
   
   • Ensure incident response activities comply with relevant regulations, standards, and industry best practices.
   
   
   
   

Requirements:

• Degree in Computer Engineering, Computer Science, Cybersecurity, Information Security, Electrical & Electronics Engineering; or equivalent


• At least 5 years of cybersecurity incident response experience in IT environments and 2 years in OT/ICS environments


• Strong knowledge of cybersecurity principles, threats, and attack vectors


• Proficiency in forensic analysis, malware analysis, and incident response tools


• Experience with SIEM, IDS/IPS, and other security technologies


• Those with GCIH, GICSP, GRID, CISSP, CISM certification would have an advantage


• Strong leadership, communication, interpersonal, analytical and problem-solving skills in a fast-moving environment