This Job Vacancy has Expired!

Director of Security Operations and Incident Response

Request Technology - Craig Johnson

Posted on Apr 26, 2022 by Request Technology - Craig Johnson

Lake Forest, IL 60045
Immediate Start
Annual Salary

*We are unable to sponsor for this permanent Full time role*

*Position is bonus eligible*

Prestigious Fortune 500 Company is currently seeking a Director of Security Operations and Incident Response. Candidate will lead and manage the people, process, and technologies present in a 24x7 global security operations center.


Collaborate with stakeholders such as Disaster Recovery and Business Continuity to support security larger initiatives, assessments, and resilience testing.

Develop and direct the Enterprise Incident Response Program ensuring continuous maturity.

Define and maintain dashboards and metrics that support Incident Response Program and Cyber Security Operation Center maturity efforts.

Provide cyber security briefings, status updates, and consultancy to various audiences, including technical and executive leadership teams.

Leverage the incident response program to conduct cyber table-top simulations and educational sessions with stakeholders

Provide leadership for incident response investigations, coordinate response activity, and brief senior leaders while maintaining the confidentiality

Develop and mentor staff through open communication, training and development opportunities, and performance management processes; build and maintain a high-performing team through employee morale and motivation.


5 to 7 years.of People Management Experience

10+ years of Experience working in Enterprise Security

Crisis management skills and the ability to manage relationships and communication channels.

Advanced critical thinking and decision-making ability, able to explain and defend a complex decision point.

Demonstrated ability to communicate complex subjects regarding strategic and tactical incident response processes to stakeholders of varying technical levels.

In-depth experience leading security incident response processes in the cloud, virtualized, and on-prem environments.

Thought leader in security engineering and operations delivery driving visibility, automation, analytics, and advanced threat analysis.

Extensive and direct experience in high-pressure situations managing and responding to complex technical cyber security incidents.

Proven skills in various elements of incident response, including but not limited to computer intrusion investigations and digital forensics in enterprise environments.

Understanding current and emerging threats and associated countermeasures by establishing solid relationships with cyber threat teams and vendors. This includes directing a team on managing, maintaining, and increasing visibility into the organization and applying threat intelligence to proactively mitigate risk.

Security Operations role or cyber incident response role conducting in depth investigations using internal telemetry data and open-source information to determine whether a given system or user has been compromised is required

Working with traditional security tools, not limited to, SIEM, AV, EDR, SOAR, IDS/IPS, DLP, etc.

IT work experience required with a broad exposure to infrastructure/network and multi-platform environments is required

Hands-on working experience of most common operating systems including but not limited to Windows Server, Windows 10, UNIX/Linux, Apple OX, Android, iOS environments are required

Hands-on working knowledge and experience with Splunk is required

Splunk certifications are a plus

Cloud Platform technologies (AWS, Google Cloud Platform, Azure, O365) is required

Experience with integration between Incident Management Systems (SOAR) and SIEM in an enterprise environment is a plus

Experience with the forensic and incident response process, reverse engineering malware and red teaming is a plus

Experience of standard business processes including change management, problem management, work prioritization, quality assurance, and continuous improvement best practices, etc. is a plus

Security certifications (SANS, ISC2, SEI, CFE) are a plus

Experience with audit support and response, regulatory compliance SOX and PCI-DSS is a plus

Reference: 1576966525

Set up alerts to get notified of new vacancies.