Cyber Security Incident Response Manager - RH

Cyber Security Incident Response Manager - RH

Job ID #:27982

Position Type:Contractor/Temporary

Location:Rosemont, IL

Shift:1st

Department:Information Technology and Technical Support

Education Required:Bachelors Degree

Experience Required:3 - 5 Years

Position Description:We are Driven by Excellence, Dedicated to People in everything we do…no matter the job. A unique and fulfilling work experience comes with every position within the Reyes Family of Businesses - where there’s always an opportunity to grow and develop in a family-owned environment grounded in values and ethics.Position Summary:The Cyber Security Incident Response Manager is responsible for managing security incident response operations across all Reyes Holdings Family of Business, according to documented procedures and industry best practices. The ideal candidate should demonstrate enthusiasm and interest in Information Security, have a passion for collaborating with various resources across multiple departments and business units.Primary Responsibilities:

Provide first responder forensics analysis and investigation

Drives containment strategy during data loss or breach events

Maintains chain of custody of incident evidence

Provides recommendations to resolve and/or reduce impact of incident and to prevent future similar incidents

Assessing scope of incident damage and assisting in the determination of incident severity

Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs)

Work directly with data asset owners and business response plan owners during high severity events of interest

Develop and present recommendations for tuning of IDS, proxy policy, in-line malware tools based on threat feeds, trust and reputation data, events, or vulnerabilities and exploits of downstream systems

Provide tuning and control change recommendations to administrators based on findings during investigations or threat information reviews

Manage, monitor, and ensure SLA’s/SLO’s are achieved by internal and 3rd party business partners.

Develop and enrich restoration procedures to mitigate future outages and business disruptions.

Own business impacting situations, and work to restore normal service operations in cooperation with cross-functional partners.

Identify and recommend opportunities for “clean-slate” process improvement with regards to incident management, fault monitoring, triage procedures and issue escalation.

Collaborate with architecture, development, and engineering teams to identify the root cause of recurring incidents and create action-plans for resolution.

Leverage and lead the root-cause/problem management process to correlate trends business impacts.

Ensure timely communications and updates are provided for incident management and root-cause scenarios.

Maintain on-call availability for 24x7x365 coverage

Other projects or duties as assigned.

Position Requirements:Required Skills and Experience:

Bachelor’s degree in a technology-related field.

Minimum of 2-3 years of combined experience in the Information Security / Cybersecurity domain with a focus on incident response but overall more than 5 years of IT experience.

Demonstrated ability to translate technical incidents into business terms.

Proven track record and experience of the following in a highly complex and global organization:

Strong problem solving and troubleshooting skills with experience exercising mature judgment

Excellent teamwork and interpersonal skills

This position must pass a post-offer background and drug test.

Preferred Skills and Experience :

Certification: A least one professional security management certification, such as:

Certified Incident Handler v2 (ECIH)

GIAC Certified Incident Handler (GCIH)

Certified Computer Security Incident Handler (CSIH)

Certified Expert Incident Manager (CEIM)

GIAC Certified Forensic Analyst (GCFA)

GIAC Certified Forensic Examiner (GCFE)

AWS, Azure, Cisco Certified Security Professional (CCSP)

Physical Demands and Work Environment :Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Due to the nature of our business in regard to such things as delivery schedules, order inputs, selection, and Department of Transportation Hours of Service, overtime, attendance and punctuality are essential job functions. Should an individual in this classification not be able to adhere to this requirement due to a disability, they should contact their Human Resources department to see what, if any, reasonable accommodation may be made.As an Equal Opportunity Employer, Reyes Holdings companies will recruit and select applicants for employment solely on the basis of their qualifications. Our Practices and Procedures, including those relating to wages, benefits, transfers, promotions, terminations and self-development opportunities, will be administered without regard to race, color, religion, sex, sexual orientation and gender identity, age, national origin, disability, or protected veteran status and all other classes protected by the Federal and State Government. Drug Free Employer.