大手証券会社でのGlobal Cyber Defense Incident Response Leaderの求人

Responsibilities：
● Collaborate with the appropriate teams to investigate and analyze cyber incidents to:
　・Determine scope and impact
　・Collect and preserve digital evidence in a forensically sound manner
　・Coordinate with internal and external stakeholders to manage incident response efforts
　・Monitor external data sources to stay updated on the latest cyber threats and vulnerabilities
　・Perform trend analysis and generate reports on incident findings
　・Develop and implement strategies for incident containment and eradication
　・Conduct post-mortem reviews and recommend improvements to security posture
● Develop, implement, and continuously improve the cybersecurity incident response plan, policies, and procedures
● Develop, implement, and continuously improve the various cyber scenario playbooks including decision-making trees, checklist, hand-off between IT and security, escalation, roles and responsibilities, etc.
● Lead and manage a team of Cyber Defense Incident Responders across all regions such as AMER, EMEA, Asia (excluding Japan), and Japan
● Coordinate response efforts during security incidents, including communication, escalation, and resolution
● Conduct post-mortem reviews to identify root causes and recommend preventive measures, with thorough documentation to regulatory standards
● Collaborate with other teams, including Technology, the business Legal, and Compliance, to ensure alignment on incident response processes and protocols
● Stay current on the latest threats and trends in information security and cyber and incorporate best practices into the incident response program
● Provide regular updates and reports to senior management on incident response activities, metrics, and trends that are customized to multiple audiences.
● Act as a subject matter expert on incident response, providing guidance and training to staff across the organization

Skills, experience, qualifications and knowledge required：
Technical expertise: A deep understanding of cybersecurity principles, technologies, and tools is essential for effectively leading incident response efforts. Strong understanding of network security architecture and cyber defense principles. Experience with security event correlation tools and computer forensics.
Incident response experience: Strong experience in responding to cyber incidents, including identifying, analysing, and mitigating threats, is crucial for a leadership role in cybersecurity incident response. Proficiency in incident handling methodologies and intrusion detection.
Leadership and management skills: The ability to lead and manage a team of incident response professionals, coordinate response efforts, and make critical decisions under pressure is essential.
Communication skills: Excellent communication skills, both written and verbal, are necessary to effectively communicate with internal teams, stakeholders, and external partners during incident response activities. Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies.
Analytical and problem-solving skills: The ability to analyse complex cybersecurity incidents, identify root causes, and develop effective solutions to mitigate risks is crucial for a cybersecurity incident response leader. Ability to perform vulnerability assessments and threat analysis.
Collaboration and teamwork: The ability to collaborate effectively with cross-functional teams, including IT, legal, compliance, and senior management, is essential for successful incident response coordination.
Strategic thinking: The ability to think strategically and proactively identify potential security threats and vulnerabilities to prevent future incidents is important for a cybersecurity incident response leader.
Continuous learning: A commitment to staying current on the latest cybersecurity threats, trends, technologies, and best practices is necessary to effectively lead incident response efforts in a rapidly evolving threat landscape.
Certifications: Relevant certifications such as CISSP, CISM, GIAC, or other cybersecurity certifications demonstrate expertise and commitment to the field of cybersecurity incident response.
Adaptability and resilience: The ability to adapt to changing circumstances, handle high-pressure situations, and bounce back from setbacks is important for a cybersecurity incident response leader to effectively manage and respond to security incidents. Knowledge of business continuity and disaster recovery plans.