Vacancy expired!
Job Description
Verisk is seeking a Director, Cyber Security - Incident Response to lead the continued evolution of Verisk’s Cyber Incident Response program. This leader will be responsible for leading the Threat and Incident Response team, with overall accountability for timely and appropriate response to security alerts, threats and incidents. This role will report to the AVP, Cyber Threat Management within the Enterprise Risk Management group. This will be a key role as it is one of the main lines of defense of the organization, and the incumbent will be expected to lead technical staff through an incident as well as brief senior leaders, all while maintaining confidentiality.
This role will lead cross-functional teams responsible for both the day to day security event and incident management, as well as handling major incident response through the entire incident lifecycle, including conducting postmortem meetings and following improvement actions to completion. Experience with incident documentation and automation tools is a must, as well as experience with multiple aspects of incident response.
The responsibilities of this role are:
- Lead technical incident response efforts from identification to post-mortem.
- Direct the Enterprise Incident Response Program.
- Defines and maintains dashboards and metrics that support the Incident Response Program.
Qualifications
- 7-10+ years of work experience in leading security incident response processes both in cloud, virtualized, and on-premise environments.
- 5+ years of direct experience in high pressure situations managing and responding to complex technical cyber security incidents.
- Experience influencing key stakeholders to resolve high impact security incidents.
- Demonstrated ability to communicate complex subjects regarding strategic and tactical processes of incident response to stakeholders of varying technical levels.
- Develop and present accurate and timely information to stakeholders outlining proper technical solutions, recommendations, and accurate conclusions.
- Proven skills in various elements of incident response including but not limited to computer intrusion investigations and digital forensics in enterprise environments.
- Proficiency with leading EDR platforms as well as familiarity with forensic analysis tools.
- Strong understanding of attacker methodologies including attack lifecycle, cyber kill chain, and the [emailprotected] framework.
- Understanding of current and emerging threats and associated countermeasures, through the establishment of strong relationships with cyber threat teams and vendors. This includes directing a team on managing, maintaining, and increasing visibility into the organization and applying that threat intelligence to proactively mitigate risk.
- Ability to work independently on multiple projects with minimal supervision and meet aggressive deadlines is essential.
- Preferred Certifications GCIH, GCFA, GCFE, GREM, CISSP.
#LI-JB1
Additional Information
Verisk Analytics is an equal opportunity employer.
All members of the Verisk Analytics family of companies are equal opportunity employers. We consider all qualified applicants for employment without regard to race, religion, color, national origin, citizenship, sex, gender identity and/or expression, sexual orientation, veteran's status, age or disability.
http://www.verisk.com/careers.html
Unsolicited resumes sent to Verisk, including unsolicited resumes sent to a Verisk business mailing address, fax machine or email address, or directly to Verisk employees, will be considered Verisk property. Verisk will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume.
Vacancy expired!