Dell EMC

Incident Response Consultant - Team Lead Proactive Services - Secureworks - US Remote

Posted on: 27 Feb 2021

Irvine, CA

Job Description

Secureworks (NASDAQ: SCWX), a global cybersecurity leader, enables our customers and partners to outpace and outmaneuver adversaries with more precision, so they can rapidly adapt and respond to market forces to meet their business needs. With a unique combination of cloud-native, SaaS security platform and intelligence-driven security solutions, informed by 20+ years of threat intelligence and research, no other security platform is grounded and informed with this much real-world experience. www.secureworks.com

We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about what's next. We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

Role Overview

The Senior Security Incident Response Team Lead works with consultants and clients in the growing area of cybersecurity incident response management. This role supports a team of consultants delivering services focused on preparing clients to effectively handle cybersecurity incidents and occasionally providing advisory services to clients experiencing incidents; the team lead also delivers some of these services directly in a consulting role. Helping clients prepare for incidents includes developing and evaluating response capabilities and plan documentation, delivering training, and conducting exercises to test response capabilities.

The successful candidate will work with consultants and other team leadership to manage client engagements from initiation to completion, and will seek out opportunities to improve efficiency and efficacy of service delivery. They must have experience in developing, managing, and operating incident response capabilities, conducting training, exercises and workshops, and will be familiar with tactics, techniques, and procedures commonly employed by and used to thwart threat actors. Familiarity with the drivers and constraints that organizations are working with and against while trying to secure their infrastructure and data is a necessity.

As this is a leadership position, the candidate will be expected to continually assess existing offerings for improvements and lead said improvements, identify potential new service lines while understanding business constraints and customer demand, and improve team efficiencies.

Responsibilities

* Promote Secureworks by participating in external speaking engagements, writing whitepapers and blog posts, and ensuring identification of opportunities for additional support to be provided to clients
* Support consulting team by assisting in coordinating and managing workloads, scoping and scheduling client engagements, identifying appropriate subject matter expertise to address client requirements, and acting as an initial escalation point to address issues with service delivery
* Identify and address problems with service delivery efficiency and efficacy
* Design and deliver incident response exercises to test client incident response plans; oversee the delivery of exercises by other consultants
* Develop detailed incident response plans and playbooks based on client needs
* Strong organizational and workload management skills, strong technical communication skills (oral and written) including experience briefing executive management and desire to work with clients to solve complex security issues, including at times in crisis situations
* Briefing senior-level leadership, and conveying technical subject matter to audiences of varying backgrounds and skill levels
* Operate with a high degree of independence and, in alignment with senior management, execute team / offering improvement projects
* Contribute to the continual improvement of services that we deliver to clients and the processes that the team utilizes to deliver them
* Serve as subject matter expert in incident response capability development and improvement
* Provide objective, actionable, and complete guidance that enables and improves our clients' incident management capabilities
* Conduct assessments of client readiness to respond to incidents, including designing and delivering incident response exercises to test client incident response capabilities; review the assessments of other consultants
* Manage consulting workload, client requirements, and internal projects and tasking as assigned
* Support complex incident response; review analysis and conclusions of other consultants
* Document findings, develop recommendations and present both orally and in written reports
* Mentor junior staff

This position requires up to 60% travel.

This is a remote position.

Requirements

* Minimum of 8 years of information security experience, including the development and maturation of incident response or security teams
* Must have background in identification of industry trends to create and adjust proactive consulting offering
* Project and resource management experience required
* Operational experience with security tools such as firewalls, IDS, IPS, SIEMs, proxies, and VPNs required
* Must be familiar with tactics, techniques, and procedures commonly employed by threat actors, and their motivations
* Understanding of at least one framework: ISO 27001/2, FISMA, PCI, HITRUST, NIST 800-series, COBIT, etc.

Preferences

* Understanding of vulnerabilities and tools used to discover, analyze, and exploit vulnerabilities
* Bachelor's degree in computer science, information systems, information assurance, or equivalent work experience
* Experience mentoring and leading teams of technical staff
* Technical or professional certifications such as GCFA, CISA, CISSP, etc.

Secureworks (A Dell Technologies Company) is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Secureworks here.

Dell EMC

Hopkinton, MA

Dell EMC develops, delivers, and supports information infrastructure and virtual infrastructure technologies, solutions, and services. It offers enterprise storage systems and software deployed in storage area networks (SAN), networked attached storage (NAS), unified storage combining NAS and SAN, object storage, and direct attached storage environments; a portfolio of backup products that support enterprise application workloads; and cloud software and infrastructure-as-a-service.

The company also offers security solutions that enable organizations to detect, investigate, and respond to advanced attacks; confirm and manage identities; and help reduce IP theft, fraud, and cybercrime. In addition, it provides enterprise software and cloud solutions, including the Documentum product line that enables the digitization and flow of content through organizations in regulated industries; the InfoArchive product line that helps customers take cost out of their current IT environments by archiving inactive information to decommission legacy applications; and Project Horizon, a curated app marketplace of content-related end-user productivity apps.

Further, the company provides Pivotal Big Data Suite, a data solution; Pivotal Cloud Foundry, a cloud platform-as-a-service; and Pivotal Labs agile development services. Additionally, it offers virtualization infrastructure solutions, which include a suite of products and services to deliver a software-defined data center, and support a range of operating system and application environments, as well as networking and storage infrastructures.

The company also provides installation, professional, software and hardware maintenance, and training services. EMC Corporation markets its products through various distribution channels, as well as directly worldwide. The company was formerly known as EMC Corporation and changed its name to Dell EMC in September 2016. Dell EMC was founded in 1979 and is headquartered in Hopkinton, Massachusetts.

  • Industry
    Information Technology
  • No. of Employees
    72,000
  • Jobs Posted
    3412
