Associate Director, Cyber Incident Response

Control Risks, Washington, DC, US
30+ days ago
Job type
  • Full-time
  • Permanent
Job description

The Associate Director is responsible for managing the Cyber Response Team in the US and leading overall delivery of incident response cases in the region. This role involves leading the technical aspects of the cyber response practice, managing our technical team members, and managing client relationships. This role will report to the Global Head of Cyber Response and work in tandem with European, Middle East and Asia colleagues on a follow-the-sun basis. The successful candidate will have a strong technical skill set, a deep understanding of the North American cyber incident response market, and a deep understanding of current and emerging advanced threat actors. They will have a proven track record of responding to advanced threats leveraging forensics and threat hunting technology.

Role tasks and responsibilities

Technical response

  • Oversee incident response cases for all host- and network-based investigations, and be responsible for the overall quality of our technical incident response work.
  • Ownership of the entire lifecycle of a cyber incident including identification, containment, eradication and recovery. A particular area of specialty in eradication and recovery from an incident.
  • Threat hunting using EDR tooling to evaluate an attacker's spread through a system and network, anticipating and thwarting further attacker activity.
  • Perform live compromise assessments for organizations who suspect a compromise.
  • Detect and hunt unknown live, dormant, and custom malware in memory across multiple systems in an enterprise environment.
  • Demonstrate a deep understanding of both existing and emerging threat actors, as well as experience identifying rapidly changing tools, tactics and procedures of attackers.
  • Advise on the safe technical recovery of an organization's IT systems, balancing the need to understand what has happened against the need to speed up recovery.
  • Be responsible for Control Risks' technical Cyber Response strategy. Identify, design and then implement solutions that meet these strategic objectives.

Client Management

  • Build and develop client relationships, facilitating, where appropriate, the introduction and provision of additional Control Risks services. Work closely with the Global Head of Cyber Response and global colleagues to ensure a cohesive go-to-market approach.
  • Possess and develop working knowledge of key insurer and law firm relationships that may drive growth.

Reporting

  • Provide situation reports and other significant case related material to the client and the Director of Cyber Response.
  • Provide documentation to the relevant consultants in sufficient time to allow review and feedback, before submitting to a client.
  • Report on the performance of the Technical Cyber Response work and forecast technical and resource requirements in the near and long term.

Team management

  • Establish resourcing requirements for our already growing Cyber Response practice, then hire and manage these technical individuals.
  • Establish relationships with key recruiters and, where possible, align with the Cyber Crisis Management team's resourcing plans.
  • Align with and help to expand the already recurring Internship Program and, where business need requires, onboard interns into the technical team.
  • Define clear roles and responsibilities for new hires including a learning pathway for training & development.
  • Ensure new joiners have appropriate time dedicated to technical development and research whilst balancing an unpredictable workload.

Governance

  • Own the technical response Standard Operating Procedures, working with the team to ensure they are kept up to date with the latest threats.
  • Ensure issues identified during delivery of cases are identified, escalated and resolved efficiently.

Supporting the growth of the Cyber Response practice

  • Refining Control Risks’ cyber response methodologies and approaches and tailoring the approach in changing market conditions.
  • Identifying potential new areas of growth and opportunity.

Requirements

  • Candidates must be legally authorized to work in the US on a permanent basis without sponsorship.
  • Candidates must possess unrestricted US work authorization.
  • Proven experience in technically responding to significant and complex cyber attacks and information security related advisory
  • Proven experience of managing and / or building the requisite technologies necessary for responding to a wide variety of common cyber security incidents
  • Demonstrable experience of operating within a commercial environment and engaging with key stakeholders in insurance and risk management.
  • Technical degree or demonstrated knowledge of common networks, software and hardware used in business environments
  • Experience in conducting log analysis and digital forensics following a cyber incident
  • Experience of working with law firms, communications experts, and others on sensitive investigations.
  • Track record of developing consultative relationships with clients
  • Excellent people management skills
  • Fluent in English (written and spoken)
  • Excellent presentation skills
  • Excellent analytical skills
  • Preferred: Strong understanding of MITRE ATT&CK techniques / sub-techniques. The ability to articulate TTPs to clients in non-technical terms.
  • Preferred: Experience in generating SIGMA rules for host detection, SNORT rules for network detection and YARA signatures for file and memory artefact identification.
  • Preferred: Experience in engaging in industry and law enforcement intelligence forums
  • Preferred: Experience of supporting cross-jurisdictional response cases
  • Preferred: Qualifications such as: CREST Registered Intrusion Analyst (CRIA), Certified Network Intrusion Analyst (CCNIA), Certified Host Intrusion Analyst (CCHIA), SANS Advanced Incident Response, Threat Hunting, and Digital Forensics (FOR508) or Enterprise-Class Incident Response & Threat Hunting (FOR608), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and full membership of ISACA.

The base salary range for this position is $140,000-$150,000 per year. Exact compensation offered may vary depending on job-related knowledge, skills, and experience.

Control Risks is committed to a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. If you require any reasonable adjustments to be made in order to participate fully in the interview process, please let us know and we will be happy to accommodate your needs.

Control Risks participates in the E-Verify program to confirm employment authorization of all newly hired employees. The E-Verify process is completed during new hire onboarding and completion of the Form I-9, Employment Eligibility Verification, at the start of employment. E-Verify is not used as a tool to pre-screen candidates. For more information on E-Verify, please visit www.uscis.gov.

Benefits

  • Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer.
  • Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
  • Medical Benefits, Prescription Benefits, FSA, Dental Benefits, Vision Benefits, Life and AD&D, Voluntary Life and AD&D, Disability Benefits, Voluntary Benefits, 401 (K) Retirement, Nationwide Pet Insurance, Employee Assistance Program.
  • As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.