Incident Response Manager - Remote

Overview

The Incident Response Manager will be responsible for working across various functional APC internal teams such as Threat Detection & Response, Security Ops, and Client Infrastructure, Network or Incident/Problem Management teams. During steady-state (i.e., non-incident times) this role is responsible for ensuring adherence to various incident practices, tracking risks, threats, and low-level incidents to ensure readiness. During incidents, this role is responsible for leading response across impacted stakeholders ensuring transparent communication, tracking issues, assigning tasks, and driving responders to a rapid and effective incident resolution. Additionally, the candidate in this role needs to have expertise in forensic information collection and analysis using commercial and open-source tools. This role will be responsible for working with the APT practice leads and CIO/CTO to develop methods, runbooks, and identify the common incident response tools to support APT’s clients.

In Short

• Operationalize incident management plans, technology, capabilities, and services
• Lead incident response teams during cross-entity incidents
• Advise, guide, and direct regional security operation leadership and stakeholders on incident management strategy and execution
• Support executive and corporate-level crisis managers during enterprise-wide crises
• Support metrics and reporting for incident data
• Assist in defining and standardizing Incident Response practices, methods, and tools under the direction of the Threat & Incident Response Practice Manager
• Provide forensic experience and support for APT clients during an incident
• Train other APT team members in forensic practices and tools
• This position is part of a 24/7 operation and requires availability to provide shift and/or on-call work

Requirements

• 4+ years' experience in security incident management operations, planning and/or exercises
• CISSP, CISM, Certified Incident Handler or Manager certifications are desired but not required with equivalent experience
• Coordinating corporate functions in a complex environment (multi-national preferred)
• Technical experience with forensic processes and tools and defensible information collection to support potential litigation
• Certifications in one or more forensic tools is desired but equivalent experience is accepted
• Certification/experience with ITIL or COBIT for Incident management is desired
• Managing through ambiguity and ability to make high stakes decisions with limited information
• Prioritizing workload to meet deadlines and objectives
• Writing clearly and succinctly, and in a manner which appeals to a wide audience
• Coordinating high-profile, complex incident situations
• Smart judgments and decision making during high-urgency situations
• Social media, entertainment, startup, and/or tech industry (preferred)
• Prior experience and ability to work in a 24/7/365 operations environment
• Some travel may be required

Benefits

• Opportunity to work in a dynamic and challenging environment
• Engagement with various internal teams and stakeholders
• Professional development and training opportunities
• Flexible working arrangements
• Participation in high-stakes incident management