Job Title: Incident Response Manager
Location: UAE
Experience: 5+ years in cybersecurity, with a focus on incident response
Job Summary:
We are seeking an experienced Incident Response Manager to lead our cybersecurity incident response efforts. The ideal candidate will have a deep understanding of cybersecurity threats, incident response processes, and the ability to coordinate a team to manage and mitigate incidents effectively.
Key Responsibilities:
- Lead the Incident Response (IR) team in identifying, investigating, and responding to security incidents.
- Develop and implement incident response strategies, playbooks, and procedures to quickly address potential threats.
- Coordinate with internal and external stakeholders during incident investigations to gather information, contain the threat, and recover operations.
- Conduct root cause analysis of incidents and provide recommendations for preventive measures.
- Perform proactive threat hunting to identify vulnerabilities and potential threats in the IT environment.
- Work closely with the Security Operations Center (SOC) to ensure that alerts and escalations are handled promptly and accurately.
- Collaborate with other teams, such as IT, Legal, Compliance, and Risk Management, to ensure a cohesive approach to incident handling.
- Provide regular incident reports and post-incident analysis to management and stakeholders.
- Lead training sessions and workshops for the IR team and other relevant personnel to enhance incident response skills.
- Keep up to date with the latest cybersecurity threats, vulnerabilities, and technologies.
Required Skills and Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
- Minimum of 5 years of hands-on experience in cybersecurity, with at least 3 years in incident response.
- Strong knowledge of incident response methodologies and frameworks (e.g., NIST, SANS).
- Proficiency in using incident response tools and technologies, such as SIEM, EDR, and forensic tools.
- Experience in handling various types of cyber incidents, including malware, phishing, ransomware, and data breaches.
- Strong analytical and problem-solving skills with the ability to handle stressful situations.
- Excellent communication skills with the ability to convey complex technical issues to non-technical stakeholders.
- Relevant certifications such as CISSP, CISM, GCIH, or GCFA are a plus.
Preferred Skills:
- Experience in leading a team of cybersecurity professionals.
- Knowledge of SOAR platforms and automation of incident response processes.
- Familiarity with cloud environments (AWS, Azure, or Google Cloud) and their security principles.
- Ability to develop and refine incident response playbooks and processes.