- Incident Response Leadership:
- Manage the full lifecycle of incident response, including detection, containment, eradication, and recovery
- Serve as the escalation point for complex incidents and ensure timely resolution
- Develop and maintain incident response playbooks and processes
- Enhance defensive capabilities by optimizing SIEM, EDR, and SOAR tools
- Conduct proactive threat hunting activities
- Lead vulnerability management efforts
- Threat Intelligence Operations:
- Establish and manage a threat intelligence program to track adversaries' TTPs
- Collaborate with global teams to identify and mitigate emerging threats
- Provide actionable intelligence to improve detection and prevention capabilities
- Email Security:
- Oversee email security strategies to detect and mitigate phishing and BEC threats
- Ensure implementation of advanced email security tools and policies
- Team Leadership:
- Mentor and guide cybersecurity analysts and engineers
- Foster continuous improvement through training initiatives
- Report metrics and trends to North American leadership
Required Skills/Experience:
- Experience:
- 10+ years in cybersecurity
- 3-5 years managing incident response or threat intelligence teams
- Technical Expertise:
- In-depth knowledge of incident response frameworks (NIST CSF)
- Hands-on experience with SIEM, EDR, SOAR platforms
- Strong understanding of email security technologies
- Leadership Skills:
- Proven ability to lead cross-functional teams
- Strong global communication skills
Preferred Qualifications:
- Certifications: CISSP, CISM, GCIH, GCFA, or CTIA
- Experience in global organizations with distributed teams