Information Security Manager (Incident Response)
About The Position
The Cybersecurity Manager, specializing in Incident Response and Forensics, leverages knowledge of advanced cyber threats, attacker methodologies, and security technologies to proactively identify and neutralize complex threats within the enterprise environment. This specialist remains informed about emerging technologies and recommends strategic directions. A strong understanding of security best practices, excellent analytical and problem-solving skills, and the ability to work both independently and collaboratively within a team are essential for this role. The Senior Cybersecurity Specialist plays a crucial part in protecting our organization's digital assets and ensuring a robust security posture.
Requirements
- Technical thinking skills.
- Strong matrix management skills.
- Strong customer management skills.
- Demonstrable negotiation skills.
- Excellent verbal and written communication skills – experienced in defining business requirements.
- Creative problem solving experience.
- Ability to oversee IT projects.
- Ability to effectively work within a team environment.
- Knowledgeable with current and emerging technologies and applications.
- Understanding of the enabling relationship between Celestica IT environment and business functions and processes.
- Detailed understanding of the IT strategy.
- Considerable knowledge and experience working within an IT sector (ideally within the EMS sector).
- Ten plus years of relevant experience in assessing, providing solutions and operating complex security requirements for multiple business environments
- Bachelor's Degree plus one or more of the following certifications or consideration of an equivalent combination of education and experience.
- GIAC Security Essentials Certification
- GIAC Security Leadership Certification
- ISACA Certified Information Security Manager
- Microsoft Certified Systems Engineer: Security
- (ISC)2 SCCP
- (ISC)2 CISSP
- (ISC)2 ISSAP.
Responsibilities
- SOC Leadership: Manage a team of security analysts, providing mentorship, defining workflows, and establishing KPIs for threat detection and response.
- Tool Orchestration: Act as the primary administrator and subject matter expert for the cybersecurity stack, specifically:CrowdStrike: Managing Falcon policies, EDR deployments, and Overwatch alerts.
- ThreatLocker: Administering application whitelisting (Allowlisting), Ringfencing™, and storage control.
- SIEM Management: Managing the ingestion, correlation, and alerting logic within the SIEM (e.g., Splunk, Sentinel, or LogRhythm).
- Incident Response (IR): Lead high-priority investigations. You will serve as the "Incident Commander" during breaches, coordinating containment, eradication, and recovery.
- Threat Hunting: Proactively analyze telemetry to identify hidden threats that bypass automated defenses.
- Compliance & Reporting: Translate complex technical data into actionable executive summaries for stakeholders and ensure alignment with frameworks like NIST or ISO 27001.
- Manage relationship with MSSP provider and ensure effectiveness of the provider
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
