Incident Response Coordinator

As part of the Global Cybersecurity Incident Management (GCIM) team you will coordinate containment, eradication and post-incident activities for critical cyber security incidents. You will play a key role in the Incident Response Team (IRT) overseeing, validating and documenting containment acting as a point of escalation for our Global Security Operations Center (GSOC). Following security incident containment & recovery you will be responsible for engaging with key stakeholders for any Root Cause Analysis (RCA) and post-incident activity, ensuring we have reduced the chances of incident recurrence and assessed the efficiency of our incident response techniques and procedures. What Part Will You Play? • Coordinate incident response in line with the corporate security incident response plan. • Manage post-incident activity to include scheduling and chairing Post Incident Reviews (PIR), the documentation of Root Cause Analysis and the tracking of actions to prevent incident recurrence. • Provides 24x7 on-call incident management support on rotation for critical security incidents. • Stays up to date with new and emerging threats that can affect the organisation's information assets, third party software/solutions, IT configuration changes, and network/system. • Provides executive level written communication during incident response for inquiries related to security incidents or assigned cases. • Coordinate the remediation of findings from the organisation’s Bug Bounty Program working directly with whitehat researchers. • Works closely with Risk Management teams to document identified risks and issues highlighted through post-incident or root cause analysis activities. • Maintains a working knowledge of key data security frameworks and regulations such as PCI (Payment Card Industry)/Logical Security guidelines and models, HIPPA (Health Insurance Portability and Accountability Act), (GDPR) General Data Protection Regulation, PII (Personally Identifiable Information), NIST CSF (Cyber Security Framework). • Collaborates with Legal and Privacy Offices throughout the company on critical data protection/security incidents. • Participates in reviews and assessments to provide recommendations to enhance or improve the security posture of environments as part of post incident activities and lessons learned. • Maintain and follow runbooks for day-to-day incident response activities in line with the corporate security incident response plan. What Are We Looking For in This Role? Minimum Qualifications • Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field. Or relevant work experience in a related field. • Typically Minimum 2 Years Relevant Experience with Incident Management or Incident Response • Knowledge of network operations or engineering or system administration on Unix, Linux, MAC (Message Authentication Code), or Windows; common security operations, intrusion detection systems, Security Incident Event Management systems, Penetration Testing, Web Application assessment, Secure Coding practices, Cloud Technologies. Preferred Qualifications • ITIL V4 • Professional security certifications such as CompTIA Security+/ Cybersecurity Analyst+, or Systems Security Certified Practitioner (SSCP), or CISM(Certified Information Security Manager), or CISA(Certified-Information-Systems-Auditor), or GSEC (GIAC Security Essentials), or GCIH (GIAC Certified Incident Handler) • Knowledge of industry standard security compliance programs PCI (Payment Card Industry), GDPR (General Data Protection Regulation), NIST Cyber Security Framework etc.) • Cloud Knowledge or certifications such as Google Cloud Fundamental or AWS Foundations • Experience working in Google Workspace and JIRA What Are Our Desired Skills and Capabilities? • Strong verbal and written communication skills. • Demonstrated ability to effectively communicate ideas and persuade others to accomplish challenging goals and objectives. • Ability to facilitate meetings and enable discussions that lead to resolution and communicate results. • Skills / Knowledge - Developing professional expertise, applies company policies and procedures to resolve a variety of issues. • Job Complexity - Works on problems of moderate scope where analysis of situations or data requires a review of a variety of factors. Exercises judgement within defined procedures and practices to determine appropriate action. Builds productive internal/external working relationships. • Supervision - Normally receives general instructions on routine work, detailed instructions on new projects or assignments. • Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them. • Incident Response - Knowledge and skills to contribute to all phases of Incident Response. Apply tot his job