Head of Incident Response

• 10+ years of stable, progressive security experience and currently serving as the Global Head of Incident Response for a Fortune 100 corporation in the DMV area
• GCIH, ECIH, CEH, CompTIA Security+ & Network+ certifications, in addition to a Master of Science in Cyber Security
• Heavily focused on building and strengthening relationships across the globe at all levels
• Humble, great sense of humor, and fantastic listener

Additional Responsibilities:

• Build, grow, develop, and oversee a security operations team including external providers to increase the value, sophistication and application of internal threat intelligence services.
• Enhance the functionality and proficiency of Company’s SOC practice which include the following:
• Lead the CSIRT practice responsible for 24x7x365 monitoring of all security events and management of all security threats, incident response and cyber threat intelligence.
• Operating intrusion detection and prevention (IDS/IPS) capabilities and managing Incident Response capabilities across the Enterprise
• End-to-end ownership of vulnerability scanning and associated remediation plans and processes
• Lead technical Identity and Access Management (IAM) services
• Architect, engineer and operate Cyber Security tools to support business operations of all systems globally
• Define, identify and classify critical information assets, assess threats and vulnerabilities regarding those assets and implement safeguards
• Support the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies

Qualifications and Desired Experience:

• Hands on technical experience, deep technical knowledge and understanding of information security and associated solutions and tools such as data loss prevention, database security, endpoint and network security tools, and best practices.
• BS or MA in Computer Science, Information Security, or a related field
• Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM)
• 5+ years of experience in information security, especially on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
• 10+ years of experience in another IT function, especially IT Audit
• 3+ years of experience with regulatory compliance and information security management frameworks (e.g., IS027000, COBIT, NIST 800, etc.)
• Prior experience in situations requiring one to react quickly, decisively, and deliberately in high-stress, high-impact situations
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• Able to effectively influence others to modify their opinions, plans, or behaviors
• Strong depth of knowledge in business needs and commitment to delivering high-quality, prompt, and efficient service to the business
• Technical expertise in anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns
• Technical expertise in Intrusion Prevention System (IPS)/Intrusion Detection System (IDS), SIEMs and other Computer Network Defense (CND) security tools.