As a Cybersecurity Incident Manager you will:
- Support the Enterprise Cyber Incident Manager (ECIM) in triage coordination and response efforts.
- Identify develop and coordinate mitigation and remediation actions to ensure a coherent response to identified cyber events and incidents of interest across the Enterprise.
- Liaise with a wide range of stakeholders to ensure accurate information sharing and timely communication of mitigation actions.
- Prepare and conduct Cyber Incident Task Force (CITF) meetings; track progress on lines of effort and escalate issues to ECIM when required.
- Provide administrative support for the planning conduct and reporting of CITFs and Incident Coordination and DecisionMaking Groups (ICDMGs).
- Prepare internal communication products on cyber incidents including records of meetings and cyber incident reports for senior leadership.
- Support the development and implementation of the Enterprise cyber incident management Directive and Framework.
- Assist in the annual update of the Cyber Incident Response Plan (CIRP) and develop its supporting annexes and handbooks.
- Support the preparation conduct and evaluation of the annual OCIOled Exercise Enterprise Pathfinder (ENPAF).
- Ensure that lessons identified from previous ENPAF iterations and CITFs are integrated into the Enterprise cyber incident management process.
- Assist ECIM in the preparation and participation in other cyberrelated exercises.
What You Bring to the Table:
- A degree from a university or establishment of similar standing.
- At least 3 years of experience in cybersecurity incident management and response preferably in a large organization.
- Experience in cyber incident management exercise planning processes and scenarios.
- Experience in developing processes and cybersecurity incident response plans preferably in a large organization.
- Experience in providing cybersecurity advice and guidance following incidents in cyberspace.
- Knowledge and experience in coordinating with multiple stakeholders during response activities to cybersecurityrelated incidents in large geographically dispersed organizations.
- Excellent knowledge and experience with cybersecurity incident response best practices.
- Good knowledge of the principles policies and procedures governing cybersecurity preferably in military and/or defense organizations.
- Ability to draft clear and concise reports produce and maintain cybersecurity incident reports security and risk logs and systems in support of cybersecurity incident response activities.
You should possess the ability to:
- Perform effectively and efficiently with minimal supervision.
- Triage coordinate and respond to cyber incidents.
- Develop and coordinate mitigation and remediation actions.
- Liaise with a wide range of stakeholders for accurate information sharing.
- Prepare and conduct CITF meetings and track progress.
- Provide administrative support for CITFs and ICDMGs.
- Prepare internal communication products for cyber incidents.
What we bring to the table:
- A challenging and dynamic work environment.
- Opportunities for professional growth and development.
- Access to cuttingedge cybersecurity technologies and practices.
- Collaboration with a wide range of stakeholders across the Enterprise.
- Involvement in highimpact cyber incident management and response activities.