Join Vultr

The Security Operations team is a central pillar of our growth strategy, and we are looking for a Manager of Incident Response to oversee the day-to-day operations of the incident management and response team. This role involves executing incident response strategies, coordinating with cross-functional teams during security incidents, and improving processes based on post-incident reviews. The Manager of Incident Response will also ensure the readiness of the organization by supporting team development, maintaining incident response tools, and aligning with industry standards and regulatory requirements.

What to expect: 

Manage and coordinate the incident response team in identifying, handling, and mitigating security incidents.Execute incident response plans, playbooks, and standard operating procedures, ensuring they are adhered to during incidents. Conduct investigations and analyze security incidents to identify root cause and recommend corrective actions. Collaborate with internal teams to facilitate communication and coordination during incident response efforts. Monitor security alerts to ensure timely response to threats and escalate when necessary. Participate in post-incident reviews to gather lessons learned and recommend improvements to the incident response process. Train and support team members to ensure they follow best practices in incident response.Ensure compliance with regulatory requirements and maintain awareness of emerging threats and trends in cybersecurity. Contribute to the development of the incident response team, setting expectations and helping to achieve incident response objectives. Assist in evaluating and recommending tools and technologies that enhance the incident response team’s capabilities.

Our ideal candidate will have: 

Education:

• Bachelor’s degree in computer science, information security, or a related field. 

Professional Experience:

• At least 7 years of experience in information security, with 3 years in an incident response or security operations role.
• Experience in managing incident response efforts within a medium to large organization.
• Proven ability to handle moderate-to-high-severity incidents and contribute to their resolution.

Certifications:

• Relevant industry certifications such as GCIH (GIAC Certified Incident Handler), GCFA (GIAC Certified Forensic Analyst), or similar.

Technical Skills:

• Extensive experience in managing and responding to complex security incidents across various environments, including cloud and on-premises infrastructures.
• Proficiency in Linux and Windows operating systems, with the ability to identify, investigate, and respond to security breaches within these systems.
• Hands-on expertise with automation and scripting languages, such as Python, Bash, and PowerShell, to automate incident detection, response workflows, and forensic data collection.
• In-depth knowledge of security monitoring tools, including platforms for real-time incident detection and forensic analysis.
• Strong understanding of network security technologies, including firewalls, VPNs, intrusion detection/prevention systems, and packet capture/analysis tools, to track and mitigate threat vectors.
• Advanced forensic investigation skills using tools for system and memory analysis.

• Experience with orchestration, automation, and response tools to streamline and enhance incident response processes.

• Knowledge of threat intelligence frameworks to improve detection and response strategies.

• Familiarity with malware analysis techniques and tools to understand threats, reverse engineer attacks, and develop defense strategies.

• Experience in conducting tabletop exercises and incident simulations to assess and improve incident response capabilities.

Soft Skills:

• Strong leadership and team-building skills, with the ability to manage and mentor junior team members.
• Effective communication skills to convey security issues to both technical and non-technical audiences.
• Ability to handle multiple tasks and work in a dynamic, fast-paced environment.
• Other Requirements:
• Up-to-date knowledge of cybersecurity threats and mitigation strategies.
• Experience working with regulatory compliance requirements.
• Availability to support 24/7 incident response efforts when necessary.

Compensation: 120-140k Salary + Variable Bonus