Cyber Security Incident Manager

Remote

Navisite is a modern managed cloud service provider that accelerates IT transformation for thousands of growing and established global brands. Through our deep technical knowledge and strategic relationships with the world's leading cloud providers, proven delivery methodologies, platform-agnostic approach and worldwide network of highly specialized experts, we provide the capabilities and practical guidance customers need to successfully embrace IT change and move their businesses forward.

Core Job Responsibilities

  • Partner with key teams to respond to detected cyber security incidents and cyber-based threats, deploying countermeasures as needed.
  • Actively participate in, and provide leadership during, cyber security incidents.
  • Use security technologies and tools, such as SIEM, IDS/IPS, vulnerability scanning, penetration testing, endpoint detection and response (EDR), and Cyber Threat Intelligence (CTI) tools to protect the enterprise.
  • Participate in threat hunting missions and remediate gaps that are identified.
  • Contribute to the development of detections using the MITRE ATT&CK and Cyber Kill Chain frameworks.
  • Automate manual tasks through technology integrations via scripting and orchestration of playbooks.
  • Support the advancement of our cyber threat intelligence and vulnerability management programs to ensure consistent detection, analysis, response, and monitoring of cybersecurity threats including actors, campaigns and vulnerabilities.
  • Compose and deliver Situation Reports for key stakeholders.
  • Participate in cross-team coordination to achieve defined security goals as well as meet technical requirements in support of detailed implementation plans for security projects.
  • Perform assessment of cybersecurity incidents to identify the root cause, respond, and recover the environment.

Preferred Qualifications

  • Be a team player committed to the mission and continuous development of the Cyber Threat Operations Center, peers, and our customers.
  • 7+ years of experience working in the Information Technology field.
  • 5+ years of experience directly related to one or more of the areas of incident response, digital forensics, malware analysis, threat hunting or cyber threat intelligence.
  • Experience in supporting cyber-security incident response, threat hunting, cyber threat intelligence, and content development/tuning.
  • GIAC (GCIH, GSEC, GCFA, GREM), OSCP/CEH or equivalent certifications preferred.
  • Bachelor's degree preferred but will consider applicable work experience as it translates to an equivalent degree.
  • Experience with programming and scripting languages, preferably Python and PowerShell.
  • Strong written and verbal communication skills; must be able to effectively communicate to all levels of staff up to executive-level management, customers (internal and external), and vendors.
  • Be available for on-call duty to handle high-impact cybersecurity incidents.

Job Type
Full Time
Location
Andover, MA
