Cyber Security Incident Response Manager in Rosemont, IL at Interactive Business Systems

Date Posted: 10/23/2019

Job Snapshot

Job Description

Position Summary

The Cyber Security Incident Response Manager is responsible for managing security incident response operations across all Lines of Business, according to documented procedures and industry best practices.

The ideal candidate should demonstrate enthusiasm and interest in Information Security, have a passion for collaborating with various resources across multiple departments and business units.

Primary Responsibilities

 • Provide first responder forensics analysis and investigation

 • Drives containment strategy during data loss or breach events • Maintains chain of custody of incident evidence

 • Provides recommendations to resolve and/or reduce impact of incident and to prevent future similar incidents

• Assessing scope of incident damage and assisting in the determination of incident severity

• Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs)

 • Work directly with data asset owners and business response plan owners during high severity events of interest

 • Develop and present recommendations for tuning of IDS, proxy policy, in-line malware tools based on threat feeds, trust and reputation data, events, or vulnerabilities and exploits of downstream systems

• Provide tuning and control change recommendations to administrators based on findings during investigations or threat information reviews

 • Manage, monitor, and ensure SLA's/SLO's are achieved by internal and 3rd party business partners. • Develop and enrich restoration procedures to mitigate future outages and business disruptions.

 • Own business impacting situations, and work to restore normal service operations in cooperation with cross-functional partners.

 • Identify and recommend opportunities for “clean-slate” process improvement with regards to incident management, fault monitoring, triage procedures and issue escalation.

 • Collaborate with architecture, development, and engineering teams to identify the root cause of recurring incidents and create action-plans for resolution.

 • Leverage and lead the root-cause/problem management process to correlate trends business impacts.

• Ensure timely communications and updates are provided for incident management and root-cause scenarios.

 • Maintain on-call availability for 24x7x365 coverage

 • Other projects or duties as assigned. Required Skills And Experience

• Bachelor's degree in a technology-related field.

 • Minimum of 2-3 years of combined experience in the Information Security / Cybersecurity domain with a focus on incident response but overall more than 5 years of IT experience.

 • Demonstrated ability to translate technical incidents into business terms.

 • Proven track record and experience of the following in a highly complex and global organization:

• Strong problem solving and troubleshooting skills with experience exercising mature judgment

 • Excellent teamwork and interpersonal skills

• This position must pass a post-offer background and drug test. Preferred Skills And Experience

 • Certification: A least one professional security management certification, such as:

• Certified Incident Handler v2 (ECIH)

 • GIAC Certified Incident Handler (GCIH)

 • Certified Computer Security Incident Handler (CSIH)

 • Certified Expert Incident Manager (CEIM)

• GIAC Certified Forensic Analyst (GCFA)

• GIAC Certified Forensic Examiner (GCFE)

 • AWS, Azure, Cisco Certified Security Professional (CCSP)

Physical Demands And Work Environment Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Due to the nature of our business in regard to such things as delivery schedules, order inputs, selection, and Department of Transportation Hours of Service, overtime, attendance and punctuality are essential job functions.

Should an individual in this classification not be able to adhere to this requirement due to a disability, they should contact their Human Resources department to see what, if any, reasonable accommodation may be made.

 As an Equal Opportunity Employer, Company will recruit and select applicants for employment solely on the basis of their qualifications.

Our Practices and Procedures, including those relating to wages, benefits, transfers, promotions, terminations and self-development opportunities, will be administered without regard to race, color, religion, sex, sexual orientation and gender identity, age, national origin, disability, or protected veteran status and all other classes protected by the Federal and State Government. Drug Free Employer