Description
We are looking for a Cyber Incident Response Commander to join our team of consultants in our Montreal office.
This position is remote.
Cyber Incident Response Commanders are professionals who are responsible for investigating and responding to security incidents within an organization. They are responsible for identifying, containing, and mitigating security threats and vulnerabilities. Incident Response Commanders work closely with other information security professionals to ensure that an organization's security posture is maintained.
The Incident Response Commander reports to the Incident Response Manager.
Tasks
As an Incident Response Commander within the CMA CGM group CERT, you will:
Maintain documentation and processes, particularly the incident response plan (IRP):
o Maintain an up-to-date IRP & appendix
o Maintain the Plan in relationship with other plans and policies in effect
o Refine the specific incident playbooks so that each actor is as relevant as possible
o Improve processes with the legal and communication departments
o Write IRPs contextualized to a specific scope (Ships, Region, Subsidiaries...)
o Regroup lessons learned and provide improvement recommendations
o Establish links between incidents
o Provide evidence to external or internal auditors
Manage information security incidents:
o Assume the Incident Commander role, bringing business and technical units to the table
o Assess the incident severity
o Declare major incidents officially based on risk and regulation criteria
o Manage incidents according to the Plan and the included playbooks
o Ensure each team member operates within their defined responsibilities and collaborates effectively with others
o Prioritize forensic activities
o Analyse & prioritise incidents
o Follow mitigation & recovery
o Communicate, notify, report
Other responsibilities:
o Participate in Cyber Defense Center transversal collaboration activities
o Participate in projects, improvements and compliance efforts related to CERT matters
These activities are non-exhaustive and can evolve according to operational needs.
Requirements
Your profile corresponds to the following criteria:
You hold relevant cybersecurity industry certifications, including:
o GCFA
o CIH
o CISSP
o CEH
o ECSA
o ITIL Foundation
Knowledge of security tools and techniques
Understanding of SOC and forensics techniques
You are from a STEM, cybersecurity or equivalent academic background, focused on rigor and optimization
You have 5 or more years of experience in a role with similar responsibilities, including CERT, SOC, SecOps or GRC
You know how to keep your cool under pressure and think straight in moments of chaos
You have a good understanding of information security incident management processes and methodologies (e.g., ISO 27035, NIST framework or SANS 6-steps)
You can convey an information security message to an organization's management/executives
Experience in transportation/shipping/logistics is a plus
You master oral and written English in a professional context
Qualities
You also possess the following qualities:
Autonomy and proactive behavior
Excellent verbal and written communication
Analysis and synthesis capacity
Desire to engage with people and enable their success
Leadership and willingness to make things evolve
Capacity to work in an international environment with offshore personnel
Discretion about sensitive matters