Title: Director of Incident Response & Monitoring
Position Summary
The Incident Response Director is a senior-level “hands-on” role on the Cyber Security Operations
Team reporting to the Chief Information Security Officer. The role is responsible for researching
cyber incidents, leading comprehensive investigations, and other security-related activities. The role
also requires implementing additional incident response tools, technologies and enhancements as
needed.
Responsibilities
• Lead comprehensive cyber security response and collaborate with information
technology and security teams.
• Communicate with C-Level leadership, Legal counsel, HR, and non-technical
stakeholders.
• Work with external service providers, Legal teams, and the Data Privacy Officer during
incident management.
• Deliver accurate oral and written presentations for both technical and non-technical
audiences.
• Maintain a strong collaboration and partnership with enterprise global security teams.
Work with global teams, providing SME leadership for incident management.
• Implement and maintain IR playbooks and investigate events leading to potential
incidents.
• Maintain operations and executive incident reporting.
• Lead Incident Response readiness assessments and simulated threat table-top exercises.
• Ensure IR playbooks are maintained and provide training to other internal InfoSec
teammates as needed.
• Maintain a strong understanding of current industry threat and vulnerability landscapes.
• Possess a strong understanding of SIEM technologies, secure internet gateways,
EDR/MDR, IDS, and IPS.
• Familiar with native cloud architectures such as AWS, Azure, or GCP.
• Strong experience with leading EDR technologies and other network forensic tools.
• Maintain a strong understanding of current cybersecurity threats and countermeasures,
such as Advanced Persistent Threats (APTs), cyber-crime, hacktivism, and associated
tactics.
• Knowledge of industry-standard frameworks such as NIST, ISO, PCI, and HIPAA.
• Able to manage multiple activities during times of high demand.
• Assist with audit findings and remediations.
• Assist other subject matter teammates as required.