• Cybersecurity Director- Incident Response

    CBRE (Richardson, TX)


    Cybersecurity Director- Incident Response

     

    Job ID

     

    207215

     

    Posted

     

    25-Feb-2025

     

    Service line

     

    Corporate Segment

     

    Role type

     

    Full-time

     

    Areas of Interest

     

    Data & Analytics, Digital & Technology/Information Technology

     

    Location(s)

     

    Dallas - Texas - United States of America, Richardson - Texas - United States of America

    Company Profile

    A Fortune 500 company, CBRE is the global leader in real estate services and leverages the industry's most powerful knowledge base to meet the commercial real estate needs of its clients worldwide. Our vision is to be the preeminent, vertically integrated, globally capable real estate service firm. Globally we employ over 140,000 employees and operate in over 100 countries.

     

    The Team

     

    Global Cyber Security Office – The Global CSO’s mission is to mitigate cyber security risk by actively working with the CBRE business, Digital & Technology and other partner organizations (Compliance, Risk Mgmt., Audit, & Legal) to seamlessly integrate security processes, tools, and people into the business culture providing a comprehensive security ecosystem, driving continuous improvements and detailed protection / monitoring capabilities globally.

    What you’ll do

    + Responsible for the management of major high-profile cyber security incidents in a sophisticated global Fortune 500 enterprise

    + Management and oversight of global incidents, handling of third-party security incidents, providing executive awareness and communications on significant cyber incidents and threats

    + Lead and handle global security operations center and vulnerability analysts, including staffing and daily management

    + Demonstrate a passion for research and uncovering the unknown about cyber security threats and threat actors

    + Coordinate response activities in partnership with global security incident analysts for high priority incidents

    + Provide authority analytic investigative support for large scale and complex security incidents

    + Provides timely and relevant updates to appropriate executive team members and decision makers

    + Conducts after-action reporting and provides relevant insights to guide improvements and adjustments to CBRE’s information security posture

    + Tests and maintains incident response plans and processes to address existing and emerging threats

    + Organize, conduct, and maintain documentation for executive and targeted functional table-top exercises

    + Excellent communication, presentation, and leadership skills; confirmed teamwork and influencing skills

    + Works across the organization to champion a culture of applying applicable and relevant security design patterns, in accordance with the needs of the company and guides the teams in the organization in anticipation of future use cases

    + Participates in gathering information security metrics monthly, quarterly, and yearly

    + Experience leading complex technical projects, meeting target timelines, facilitating project meetings, authoring project documentation, and negotiating issue resolution

    + Understanding of the tactics, techniques, and procedures (TTPs) used by threat actors against endpoints

    + Several years of experience with AWS and Azure cloud offerings

    + Experience with vendor endpoint security controls

    + Experience with network-based endpoint security controls

    + Proven ability to work in a team-oriented, collaborative environment

    + Direct experience of Linux/Unix and Windows operating systems, enterprise SIEM, and packet capture analysis toolset

    What you’ll need

    + 10 years of IT security experience or equivalent skills

    + A broad and deep understanding of cyber-security threats, vulnerabilities, controls, and remediation strategies in global enterprise environments

    + Experience with large scale and complex incidents of all types to include APT, DDOS, ransomware, web compromise, account compromise, data disclosures, vulnerability exposures, etc.

    + CISSP, CISM, or other relevant certifications preferred

    + Bachelor’s Degree required in Computer Science, Cybersecurity, or related discipline

     

    Why CBRE?

     

    At CBRE, we believe we possess an encouraging environment where integrity, service, and excellence craft our approach to every opportunity. We are guided by the needs of the cities we inhabit, the communities we build and the world we live in.

     

    + CBRE named a Fortune’s Most Admired Real Estate Company Fourteen years in a row

    + CBRE agrees to acquire J&J Worldwide Services, a leading provider of engineering services, base support operations and facilities maintenance for the U.S. federal government.

    + Named a World’s Most Ethical Company by Ethisphere for 11th consecutive year.

    + Ranked #3 on Barron’s Most Sustainable Company list

    **Equal Employment Opportunity:** CBRE has a long-standing commitment to providing equal employment opportunity to all qualified applicants regardless of race, color, religion, national origin, sex, sexual orientation, gender identity, pregnancy, age, citizenship, marital status, disability, veteran status, political belief, or any other basis protected by applicable law.

    **Candidate Accommodations:** CBRE values the differences of all current and prospective employees and recognizes how every employee contributes to our company’s success. CBRE provides reasonable accommodations in job application procedures for individuals with disabilities. If you require assistance due to a disability in the application or recruitment process, please submit a request via email at [email protected] or via telephone at +1 866 225 3099 (U.S.) and +1 866 388 4346 (Canada).

     

    CBRE, Inc. is an Equal Opportunity and Affirmative Action Employer (Women/Minorities/Persons with Disabilities/US Veterans)