Incident Response Coordinator

Cisco

Boston, MA

Industry: Networks


5 - 7 years

Posted 386 days ago

What You’ll Do

The Incident Coordinator will exercise agile project management techniques to coordinate Cisco Incident Response Services' response to cyber incidents on behalf of our customers. The best candidates for the role have a strong comprehension of incident response, can command a meeting and a crisis, work well with other people, and have strong verbal and written communication skills, a sense of diplomacy, the ability to anticipate obstacles, and the decision-making skills to handle the fast-paced world of incidents. Additionally, the Incident Coordinator may perform proactive work such as designing and performing Table Top Exercises and performing IR Readiness Assessments.

Who You’ll Work With

When you work with us, you’ll be part of a highly empowered, collaborative team focused both on helping our clients be better prepared to defend against adversaries on their network and on responding to active incidents within their network.

Who You Are

Both your clients and your teammates consider you a charismatic, articulate individual and a born diplomat. You check your ego at the door and learn from others constantly, while also helping to educate those who aren’t as versed as you are in topics. As a result, you have a track record of working tirelessly to help your clients and teammates and have even come up with some novel techniques in your time.

Required Skills:

• Respond to cyber incidents caused by internal and external threats to our customers, which may involve nontraditional working hours

• Coordinate response efforts to cyber incidents that may involve nontraditional working hours

• Serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams. As needed, manage relationships with business partners, management, vendors, and external parties

• Design, lead and participate in Table Top Exercises with customers

• Lead and perform Incident Response Readiness Assessments for customers

• Draft communications, assessments, and reports that may be both internal and customer facing, to include leadership and executive management

• Understanding of different attacks and how best to design custom containment and remediation plans for customers

• Lead projects as directed by leadership

• Be a champion for process. Develop, document, and adhere to processes to ensure consistent and scalable response operations

• Demonstrate industry leadership through blog posts and public speaking at conferences and events

• Minimum 5 years of experience in information security

• Minimum 4 years of experience handling incidents

• Must be willing to be on-call and work off-shift hours, to include nights, weekends, and holidays

• Must be willing to routinely travel with less than 24-hour notice, up to 35% of the time

Desired Characteristics:

• 4-year degree in Computer Science or a related technical degree

• Detailed understanding of Advanced Persistent Threat (APT), Cyber Crime, Hacktivism and associated tactics

• Experience in host-centric analysis utilizing a variety of tools (e.g. F-Response, X-Ways, Volatility, Cisco AMP, etc.)

• Experience in network-centric analysis utilizing a variety of tools (e.g. ELK, StealthWatch, Cisco Umbrella, etc.)

• Strong track record of understanding and interest in recognized IT Security-related standards and technologies, demonstrated through training, job experience and/or industry activities

• IT security certifications

• Industry certifications such as the CISSP, CISM, CISA, GCIH, CFCE, GCFA, and/or GCFE