"Alerted.org

Description

The Manager of IT Security Incident Response will lead efforts to develop, maintain, and enhance the organization's ability to detect, respond to, and recover from cybersecurity threats. This role oversees incident response operations on an ongoing basis, ensuring the implementation of robust security measures to identify, mitigate, and prevent cyber incidents.

Core Responsibilities

+ Oversee security incident response operations, including monitoring and response activities.

+ Conduct reviews, perform investigations, analyze incidents, and assess procedures to evaluate effectiveness and determine project feasibility.

+ Document root cause analyses, security events, and incident reports for future reference and improvement.

+ Develop and maintain IT security incident response protocols, including support materials, to ensure compliance with the Cybersecurity Incident Response Team (CSIRT) program.

+ Collaborate with business units, IT teams, and external partners to ensure clarity and mutual understanding of incident response processes and responsibilities.

+ Act as a liaison between the incident response team, enterprise IT services, and business units to ensure seamless coordination during incidents.

+ Initiate and manage the IT security incident response process, making authoritative decisions within the role to ensure timely resolution of incidents, including documentation and reporting.

+ Organize and participate in post-incident reviews, maintaining logs such as generator journals if required, and presenting findings to senior leadership.

+ Leverage experience with Unix/Linux or related operating systems for file-level forensic analysis.

Department-Specific Functions

The Manager must possess in-depth expertise in the following areas:

+ Methods and motivations used by hackers to attack IT platforms and automated systems.

+ IT security incident management processes, tools, and operations.

+ IT risk assessment and mitigation strategies.

+ Security forensic techniques, tools, and procedures.

+ Serve as a key member of the Cybersecurity Incident Response Team (CSIRT).

+ Facilitate cross-team collaboration, communication, and documentation to effectively respond to, contain, and remediate cybersecurity incidents.

+ Work closely with other functions within cybersecurity and IT management teams, partnering with Managed Security Services Providers to ensure consistent, high-quality incident response services.

+ Manage daily operations for event and incident management, ensuring deadlines are met and initiatives are effectively executed.

+ Supervise people-management activities for direct reports, setting goals and providing mentorship to the team.

+ Develop key performance metrics and dashboards to track incident response progress.

+ Maintain regular communication with senior leadership and business units to align on priorities and outcomes.

+ Possess knowledge of IT end-to-end problem management and root cause analysis, with a preference for experience in South Florida to provide location-specific insights.

Requirements

+ Bachelor’s degree in a relevant field such as Computer Science, Mathematics, Statistics, or a related discipline; a Master’s degree is highly desirable.

+ Certified Information Systems Security Professional (CISSP), preferred.

+ Certified Information Security Manager (CISM) or equivalent certification, preferred.

+ Cloud Computing Security Certification, preferred.

+ GIAC Certified Incident Handler (GCIH), preferred.

+ Minimum of 12 years of IT security experience or an equivalent combination of education and experience; prior experience in a 24x7x365 SOC environment is required.

+ At least 5 years of experience in incident response or a similar role within a medium to large organization, with a preference for healthcare industry experience.

+ In-depth knowledge of security incident management processes and tools.

+ Prior people management or leadership experience with a proven ability to lead, motivate, and guide a team in high-pressure environments.

+ Strong skills in project management, presentation, and communication to effectively collaborate with stakeholders.

+ Ability to handle confidential information with discretion.

+ Understanding of business and management principles to align security efforts with organizational goals.

+ Familiarity with IT project management and change control processes.

+ Knowledge of the MITRE ATT& CK framework and its application in incident response.

+ Capability to oversee, manage, implement, and evaluate department operations.

+ Ability to establish departmental goals and objectives that align with the organization’s strategic plan.

+ Proven leadership skills to guide, motivate, develop, and train team members.

Technology Doesn't Change the World, People Do.®

Robert Half is the world’s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.

Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app (https://www.roberthalf.com/us/en/mobile-app) and get 1-tap apply, notifications of AI-matched jobs, and much more.

All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.

• 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking “Apply Now,” you’re agreeing to Robert Half’s Terms of Use (https://www.roberthalf.com/us/en/terms) .