Cybersecurity Incident Response Manager (Remote) at CareFirst #vacancy #remote

Resp & Qualifications

PURPOSE:

Leads CareFirst Cybersecurity Incident Response, a diverse team of subject matter experts who are activated to respond in the event of a cybersecurity investigation or incident. Leads continuous improvement through incident retrospectives, drives change through accelerating the maturity of the cybersecurity program, and enhances resiliency through the identification and remediation of ineffective and inefficient cybersecurity controls and processes. Key lines of service are cyber incident response and insider risk management, with key partners in the Privacy, Legal, and Enterprise Risk Management organizations.

This position requires a strong cyber incident response background, solid leadership skills, and a commitment to communication, collaboration, and transparency as core values.

ESSENTIAL FUNCTIONS:

  • Lead the day-to-day operations of Cybersecurity Incident Response, motivating, coaching, and modeling excellence for a highly technical team.
  • Partner with the Cybersecurity Leadership Team to align strategic goals with roadmaps for execution, driving capability maturity.
  • Consult with internal stakeholders to ensure quality, consistency, and comprehensiveness of incident response activities.
  • Establish and monitor objective metrics, to link day-to-day activities with overarching strategic goals and measure organizational effectiveness.
  • Ensure organizational processes and procedures are aligned to maintain compliance with industry and regulatory standards.
  • Align incident response processes and procedures to industry standards and best practices.
  • Provide oversight of technologies within the incident response portfolio.
  • Manage vendor relationships for technical capabilities as well as retainer services.

QUALIFICATIONS:

Education Level: Bachelor’s Degree in Computer Science, Information Technology, or related field OR in lieu of a Bachelor’s degree, an additional 4 years of relevant work experience is required in addition to the required work experience.

Licenses/Certifications Preferred:

  • CISSP Certified Information Systems Security Professional or Certification in Digital Forensics and Incident Response.

Experience:

  • 5 years Related professional experience.
  • 1-year Supervisory experience or demonstrated progressive leadership experience.

Knowledge, Skills and Abilities (KSAs)

  • Ability to lead and work as part of a team.
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity.
  • Knowledge of incident response and handling methodologies.
  • Knowledge of industry-standard and organizationally accepted analysis principles and methods.
  • Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
  • Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
  • Knowledge of what constitutes a network attack and a network attacks relationship to both threats and vulnerabilities.
  • Knowledge of information security program management and project management principles and techniques.
  • Knowledge of organization’s risk tolerance and/or risk management approach.
  • Knowledge of enterprise incident response program, roles, and responsibilities.
  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.

Salary Range: $143,120 – $265,667

Travel Requirements Estimate Amount: Monthly, occasional

Salary Range Disclaimer

The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the work is being performed. This compensation range is specific and considers factors such as (but not limited to) the scope and responsibilites of the position, the candidate’s work experience, education/training, internal peer equity, and market and business consideration. It is not typical for an individual to be hired at the top of the range, as compensation decisions depend on each case’s facts and circumstances, including but not limited to experience, internal equity, and location. In addition to your compensation, CareFirst offers a comprehensive benefits package, various incentive programs/plans, and 401k contribution programs/plans (all benefits/incentives are subject to eligibility requirements).

Department

Cybersecurity Operations

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Where To Apply

Please visit our website to apply:

Federal Disc/Physical Demand

Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.

PHYSICAL DEMANDS:

The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship

#LI-HS1

Incident response Project management Certified Information Systems Security Professional (CISSP) Information security

Залишити відповідь