Beschreibung
Sehr geehrte Damen und Herren,für unseren Kunden suchen wir einen Security Incident Manager (m/w) in Darmstadt/Remote.
Aufgabe/Umfeld:
The Security Incident Manager has to coordinate all matters of Information Security concerning the provision of the Services with the Information Security Officer of the Lead Company. This role will be supported by regional Security Incident Managers to enable consistent support across locations based on a ‘follow the Sun’ approach
His/her responsibilities include:
Coordinates monitoring, detection, investigation, management, and response to all security and virus/malware incidents that affect the client, and tracks and reports this information accordingly.
Coordinate the response to information security incidents by working with the customer SOC and other response partners across both .
Establish oversight of information security incidents and communicate analysis, containment, and remediation efforts to all involved business partners.
Determine the root cause of incidents and work with business or technology groups to remediate any identified control gaps or failures.
Escalate incidents to management in a timely manner with appropriate information regarding risk, action times, and root cause analysis.
Utilize, maintain and enhance incident playbook.
Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results.
Exercises governance and management oversight of all customer provided security and compliance services
Creates communications and training documentation for Supplier personnel assigned to the account, based on specific security and compliance policy and procedure requirements
Provides security reporting as required in the contract between • Develops Security and Compliance strategy jointly with to anticipate future threats and requirements, and defines the strategic roadmap for future services and technology
Coordinates requirements and Supplier resources for security and compliance-related projects and initiatives
Manages “reach-back” support to the Supplier Cyber Security Centre of Excellence and Supplier product lines (PLs) for subject matter expert (SME) support and technical assistance, such as forensic investigation
Role Overview
Senior contributor, responsible for Security Service Management, leading day to day operations of the Security team across the following services: Incident Response, Threat and Vulnerability Management, Endpoint Security and Network Security. Will be the point of contact to senior client personnel and will be responsible for Security Services team members globally. Utilizes in-depth technical / project knowledge and business requirements to design secure solutions to meet customer / client needs. Exercises independent judgment in methods, techniques, and evaluation criteria for obtaining results. Provides direction and guidance to others in the group. Works under minimal supervision, with general guidance from Technical or Senior Technical Manager. Typically 7-10 years of IT experience.
must haveSkills:
3+ years of information security experience with networks / Firewall experience.
Having worked in a SOC or very closely cooperated with a SCO for 3+ years
3+ years of event and or incident response experience in a high paced operations environment, requiring cross-team coordination and communication.
Mastery with the evaluation, implementation, and management of enterprise security technologies, including SIEM, anti-virus, anti-malware, DLP, IDS/ IPS, vulnerability scanners, configuration management, and encryption
Experience with performing management of 24x7 Security Operation Center services, ensuring SOC SLAs are met
Experience with leading the development, implementation, and management of processes that ensure security countermeasures and monitoring are effective and sustained on all applicable systems
Experience with leading the development, implementation, and management of incident response plans and response activities
Expert at identifying various types of events and incidents and applying the right response framework for each (i.e. information mishandling, security vulnerability, system exploit, malware infection, etc.)
Effective verbal and written communication skills, with mastery of the ability to tailor the context of the conversation to the audience.
Must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks, while remaining risk and objective focused.
Must be on site in Darmstadt 4 days a week
Fluent English is a must, German language is not required
nice to have Skills:
Bachelor’s degree in Information Technology or related field desired
Ability to work effectively with technical and non-technical staff
In-depth familiarity with work flow tools and ability to develop and improve tools/processes.
Familiarity with industry organizations and individuals that can be leveraged for knowledge sharing and support
Familiarity with SIEM tools and abilities a plus
Quick and agile critical thinking (thinking outside the box)
Digital forensics or enterprise investigation experience is a plus.
CISSP or CISM preferred - GCIH, CEH, CFE desired
Beginn: asap
Laufzeit: 3-6 Monate
Workload: 100%
Einsatzort: 4 Tage Darmstadt/1 Tag Remote
Sprache: Englisch
Bewerbungsunterlagen: CV in Englisch im Word-Format + Stundensatz All-In
Können Sie uns hierbei unterstützen bzw. eine Empfehlung aussprechen? Ich freue mich über eine Nachricht ihrerseits.
Mit freundlichen Grüßen
Sascha Riethmüller
Geschäftsführender Gesellschafter
Projekt Broker Consultant Services GmbH
Wilhelm-Leuschner-Straße 79, 60329 Frankfurt am Main
T: | F: | M:
| www.projekt-broker.com
Amtsgericht Frankfurt am Main HRB 93917, Steuernummer:
Geschäftsführende Gesellschafter: Sascha Riethmüller, Christian Weindl