Global Information Security Manager - Incident Response

WHAT YOU'LL DO
Participate as an integral part of the Cyber Security Incident Response Team
Support cyber incident response actions to ensure proper assessment, containment, mitigation and documentation
Support cyber investigations and contribution to large and small scale computer security incidents
Review and analyze cyber threats and provide support, mentorship, and training to junior level security analysts
Work closely with CSIRT team & technology to detect, investigate, and communicate cyber threats
Update the Security Team and other groups on industry trends and recommend initiatives to help lower risk
Proactively monitoring and analyze logs via the SIEM for indicators of attack
Proactively identifying process improvements and taking initiative to implement changes.
Contribute to develop our standard operating procedures and playbooks.
Maintain up-to-date knowledge of the cyber security industry

YOU'RE GOOD AT
The Incident Response Manager is an experienced position within the CSIRT that requires a thorough understanding of Incident Response (IR) operations and best practices, including triage and escalation.
They work with various teams inside BCG and with vendors and partners to support the CSIRT mission of preventing, detecting, and responding to cyber threats.

This role requires advanced analytical and methodical skills coupled with strong, detail-oriented documentation skills that together yield consumable and comprehensive investigation reports. In addition, it requires the ability to assess multiple incidents at a given time. This means the candidate should be able to quickly and effectively prioritize actions based on incident severity while incorporating risk to BCG and communicating to relevant stakeholders in a timely manner. The Incident Response Manager will be working heavily within the CSIRT's suite of tools, including SIEM, EDR, Case Management, and Cyber Threat Intelligence technologies.