Senior Director, Incident Response Leader - F&R

Job Description
Job Description
This role sits within our Financial & Risk ("F&R") business. On January 30, 2018, Thomson Reuters announced that it signed a definitive agreement to enter into a strategic partnership with private equity funds managed by Blackstone related to the company's F&R business. As part of the transaction, Thomson Reuters has agreed to sell a 55% majority stake in Financial & Risk and will retain a 45% interest in the business. Thomson Reuters will maintain full ownership of its Legal, Tax & Accounting and the Reuters News businesses. The transaction is expected to close in the second half of the year and is subject to specified regulatory approvals and customary closing conditions. When the transaction closes, this role will be included in the new F&R entity. Further information on this can be found at

Financial & Risk is looking for a few highly skilled cyber security specialists to help staff a new location in the central business district of downtown Hoboken. This new facility will be home to a number of critical cyber security disciplines, designed to improve the overall security posture of F&R- including its assets, data and operations. Be part of an exciting, fast-paced environment that will help F&R strengthen its position.

F&R's Information Security & Risk Management (ISRM) team is looking for a dynamic leader to help grow it's global Incident Response function. This role will be responsible for all aspects of incident response and mitigating the cyber risks to F&R. You will establish a strong team of incident response analysts to help identify, detect, analyze, contain, eradicate and recover from cyber attacks. In addition, you will collaborate with a broad range of international intelligence & law enforcement (LEO) relationships to help improve the overall quality of F&R's defenses.

You should have a deep understanding of security incidents and the process of leading them, the spectrum and state of current malware, intrusion techniques & hacking - from amateur to Advanced Persistent Threat (APT) - and how to conduct successful incident response and digital forensic investigations around them. You should have a demonstrated experience successfully leading a global team, as well as coordinating with incident management counterparts in the Cyber Intelligence and Cyber Threat Detection domains. You should have direct experience and effectiveness communicating across different tiers... from technologists to the 'C' suite.

Essential Responsibilities:

  • Build and lead Financial & Risk's global (24x7) incident response function
  • Assist in the build out and staffing of the new F&R Cyber Fusion Center in Hoboken, NJ
  • Serve as the principle point of contact for incident response intake, liaising across F&R Legal, IT, Communications and Security teams
  • Coordinate incident response activities with the International community, along with U.S. Federal, State & local LEO and government agencies
  • Experience with local and multiple country regulations governing incident response processing and handling of sensitive data
  • Lead the incident response team according to best practices, maintaining a standard of the highest quality & confidentiality
  • Mentors other managers, engineers & investigators in incident response and digital forensic investigation handling and collection
  • Coordinate critical, sensitive investigations, assessments & audits spanning multiple geographies
  • Conduct briefings on sensitive incidents and threats to a broad spectrum of audiences, ranging from Senior Executive management to IT Leadership
  • Work with F&R's legal teams create and maintain standard methodologies and policy for incident response management
  • Provide best-in-class monitoring, response, and reporting for network and computer incidents
  • Establish and lead the Crisis Management Program to conducting several annual companywide exercises with top leadership and developing effective response processes.
  • Build efficiencies in incident tracking and handling via automation

  • Bachelor's degree in Computer Science, other technical field
  • Strong verbal & written communication skills
  • Strong critical thinking and group facilitation skills, specifically in large or complex problem settings
  • 10+ years of experience in the security operations and incident response domain
  • 5+ years of experience leading a high performing incident response or security operations team
  • Demonstrated ability to attract and develop cyber security talent
  • Industry or sector leadership in designing and improving the field of cyber intelligence
  • Awareness of industry trends and developments
  • Hands-on experience responding to advanced and persistent cyber attacks (APT) in a global network setting
  • Change agent with ability to drive accountability & outcomes across a diverse threat landscape
  • Solid technical background in computer systems and networks
  • Strong business acumen & successful track record in aligning with customers
  • A strong cross-functional team player with ability to lead and coach others in a matrix structure, across time zone and national boundaries

Desired Characteristics:

  • Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)

At Thomson Reuters, we believe what we do matters. We are passionate about our work, inspired by the impact it has on our business and our customers. As a team, we believe in winning as one - collaborating to reach shared goals, and developing through challenging and meaningful experiences. With more than 45,000 employees in more than 100 countries, we work flexibly across boundaries and realize innovations that help shape industries around the world. Making this happen is a dynamic, evolving process, and we count on each employee to be a catalyst in driving our performance - and their own.

As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.

Intrigued by a challenge as large and fascinating as the world itself? Come join us.

To learn more about what we offer, please visit .

More information about Thomson Reuters can be found on

Hoboken-New Jersey-United States of America

Back to top