Security Incident Manager
Location
Dublin
Business Area
Legal, Compliance, and Risk
Ref #
10044257
Description & Requirements
We Protect Bloomberg. The Bloomberg Security Incident Management (Sec IM) team provides consistent coordination and management of cybersecurity (security) incidents and events across Bloomberg's diverse lines of business and vast global network.
What's the team?
Sec IM works closely with teams across Bloomberg's Chief Information Security Office, coordinating, commanding, and documenting response for all security incidents and high profile security events. The team is responsible for ensuring responses are efficient and comprehensive. The team also plays a key role in identifying methods to improve upon similar scenarios. Key partners include incident responders, threat intelligence, vulnerability analysts, security project/program leads and many other teams within the company.
What's the role?
A successful candidate will be focused on coordination, leadership, delegation, documentation, and identification of required response actions, rather than performing technical deep dives such as forensics or reverse engineering. You will be expected to fulfill common incident management roles in a security context where the goal is careful containment and remediation of incidents and events which could jeopardize the confidentiality, integrity, and/or availability of Bloomberg systems and records.
We'll trust you to:
- Lead & focus
  - Demonstrate clear & calm leadership, setting the tone for each response
  - Command and coordinate a response to security incidents, relevant threats, and high profile security events when Senior Sec IM staff are unavailable
  - Scope a response to the next best actions
  - Ensure response is sustainable for all resources involved
  - Support beyond normal shift hours in an emergency or during times of staff shortage
- Coordinate & communicate
  - Delegate tasks in a timely manner and manage them to closure or management handoff
  - Facilitate incident / threat resolution through prompt communication across multiple teams
  - Document status and regularly communicate updates to stakeholders and senior management
  - Maintain and track key metrics and provide reporting related to incident management
- Prepare
  - Update and maintain procedures that effectively guide security incident management
  - Participate in scenario analyses (e.g. tabletops, functional exercises, etc.)
  - Participate in skill training
  - Conduct postmortem discussions that identify paths for improving response to similar scenarios, delivering those requirements to appropriate stakeholders that handle short, mid and long term remediation
You'll need to have:
- Proven ability to manage tasks during high-pressure, complex situations
- Clear and concise written and verbal communication skills
- Strong critical thinking skills
- Ownership to identify problems and pursue solutions, individually and collaboratively
- Commitment to building strong networks and collaborative relationships
- Experience leading and managing complex, high-stress projects or incidents
- Effective at using multiple communication styles to close incidents
- Commitment to developing team members' skills
- Proven ability to multitask
We would love to see:
- 3+ years working in a cyber security operations center or incident management function(s)
- Experience with host and network incident response, data exposure workflows, and/or urgent vulnerability remediation
- Examples of proactively identifying and improving tooling and processes
- Ability to explain complex topics in accessible language
If that sounds like you:
Apply - if we believe you're a good match, we'll get in touch to let you know next steps.