Monday, November 24, 2014

Director - Incident Response - Cisco - Raleigh


Job description
Essential Responsibilities:
• Direct Cisco’s Global Computer Security Incident Response Team
• Manage escalations for critical investigations & serve as the information security focal point for all cross-business investigations
• Coordinate incident response and crisis management activities with the international community, along with U.S. federal, state & local LEO and government agencies
• Develop and implement response plans for the cloud computing environment to protect Cisco customers, Cisco business units, and business partners
• Experience with global jurisdictional regulations on protecting personally identifiable information and customer data
• Manage CSIRT operations and investigations according to best practices, maintaining a standard of the highest quality & confidentiality
• Drive operational efficiency that directly contributes to detecting and containing cyber incidents affecting the company by leveraging security metrics, incident trends, and risk management practices
• Mentor other managers, engineers & investigators in security and CSIRT best practices

• Conduct briefings on sensitive investigations to a broad spectrum of audiences, ranging from Senior Executive management to Government officials to IT Leadership
• Represent Cisco in the larger security community through speaking at security conferences, blogs, and whitepaper development
• Work with Cisco legal teams to develop and maintain best practices and policy for e-discovery, ensuring consistent retention periods and retrieval policies across shared systems
• Ensure a high degree of operational readiness through table-top exercises, after-action reviews from major incidents, and implementing streamlined response procedures to quickly contain & communicate incident details
• Develop a company-wide incident reporting process and provide situational awareness of incident trends to senior business leaders
• Work with security operations teams to provide best-in-class monitoring, response, and reporting for network and computer incidents
• Maintain and operate security monitoring infrastructure for the detection of network or system intrusions including managing the DLP program
• Drive threat-focused operations through the use of cyber threat intelligence to protect Cisco and customers

Qualifications/Requirements
• Bachelor's degree in information assurance / security, information technology, or other technical field
• Must possess strong verbal & written communication skills
• Strong critical thinking and group facilitation skills, specifically in large or complex problem settings
• 10+ years of experience in information security or incident response
• Industry or sector leadership in developing and improving the field of Incident Response (e.g. FIRST)
• Awareness of industry trends and developments
• Hands-on experience developing large-scale incident response processes
• Change agent with ability to drive compliance, protocols, and standardization
• Strong technical background in computer systems and networks
• Strong business acumen & successful track record in aligning with customers
• Strong cross-functional team player with ability to manage and coach others in a matrix structure, across time zone and national boundaries
• Must have unrestricted authorization to work in the United States
• Must submit to a background investigation, including verification of past employment, criminal history and educational background
• Must be able to successfully pass requirements for Top Secret (TS) level clearance

Desired Characteristics:
• Experience conducting or managing penetration testing teams
• Certified Information Systems Security Professional (CISSP)
• Experience with services management and operations processes, such as ITIL, CMM, and Six Sigma