Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Cyber Security Incident Response Senior Manager Plano, TX GCIH plus one of the following GCFE, GCFA, GNFA, GREM InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cyber Security Incident Response Senior Manager
Company PepsiCo
Location Plano, TX
Preferred GIAC Certifications GCIH plus one of the following: GCFE, GCFA, GNFA, GREM
Travel 10%
Salary Not provided
Contact Name Ashley Tanner
Contact Email ashley.tanner/at/
Expires 2022-03-28

Job Description

Job Description
The Cyber Security Incident Response Senior Manager is responsible for the overall response to security incidents and threats. Within the Cyber Fusion Center organization, this role requires the ability to fully engage in all phases of the incident lifecycle, managing both direct and indirect reports, understanding threats and providing oversight to recommendations for mitigation\\remediation, and interacting with stakeholders using high quality, risk-based communication strategies.

IR Team Accountabilities:

Identify, respond, and mitigate sophisticated threats to PepsiCo computer networks
Conduct incident response activities, including advanced investigation (forensic, malware analyses, root cause analysis etc.) to investigate potential intrusions and develop remediation guidance
Perform the activities necessary for the immediate, short-term rapid resolution of incidents to minimize risk exposure and production down-time
Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles
Coordinate and drive efforts among multiple business units during response activities and post-mortem
Proactive monitoring of internal and external-facing environment using specialized security applications
Provide timely, comprehensive and accurate information to Information Security leadership in both written and verbal communications
Develop requisite expertise, knowledge, and ability to perform independently
Proactively research and monitor security-related information sources to aid in the identification of threats to PepsiCo’s networks, systems and intellectual property
Lead, mentor, and develop other staff members on incident response, analysis and tools
Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats.
Participate in after hours on-call rotation when required


Technical experience

8+ years of work experience in information security, especially in an Information operations / incident role
Bachelor or master degree in Information Technology, related discipline or relevant work experience
Relevant technical security certifications (GIAC, EC-Council, ISC-2 etc.); optional as well security architecture/management certifications (ISO27000, ISACA, etc.)
Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations etc.
Proven experience performing analysis of security events and incidents, to determine root cause and provide resolution; working experience against advanced persistent threats is well seen;
Strong working knowledge of at least three of the following security tools: host-based antivirus, anti-spam gateway solutions, firewalls, IDS/IPS, server and network device hardening, data loss prevention, forensics software, vulnerability management, website security;
Competence in using both internal and external ticketing systems for ITIL-based incident, problem and change management.

Non-Technical skills

1+ year of leadership experience
Excellent oral and written communication skills
Experience working with Cyber Threat Intelligence, Red Teams, and Threat Defense and Hunting teams
Experience working with international teams
Customer oriented leader capable of communicating to technical and executive stakeholders

Organizational skills

A team-focused mentality with the proven ability to work effectively with diverse stakeholders
An ability to effectively influence others to modify their opinions, plans, or behaviors
Proactive attitude, seeking for improvement opportunities which can positively impact the security posture and the business
An ability to work extremely well under pressure while maintaining a professional image and approach
Decision-making capabilities, with an ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one