Manager, Information Security (Incident Response)

  • 40 Water St, Boston, MA 02109, USA
  • Employees can work remotely
  • Full-time

Company Description

At Re:Sources, we like to think we’re the backbone of Publicis Groupe, an ensemble of stellar advertising and public relations brands. We provide our peers technology, finance, operations, and legal solutions that enable them to excel with their clients. We’re over 80,000 worldwide, and growing.

There are so many exciting things to do, and we’re looking for the right people to make it all happen.

Why join us?

Now is an amazing time to join us. We’re dedicated to providing the best portfolio of tools and talent to help differentiate our brands across the globe.

Because we’re committed to collaboration, creativity, innovation, sharing, and limitless possibility, we’re continuously evolving as a world-class organization. The way we work, and the spaces in which we work, enable us to succeed in a way that produces our best.

We excel because we ensure Re:Sourcers are inspired, dedicated, healthy, and innovative. Our benefits are but one incredible aspect of this.

In short, we’re establishing what it means to love what you do, and we’d love you to come help us.

By the way, Re:Sourcers are a diverse group of people, and we invite everyone to apply. We don’t let race, gender, disability, religion, sexual orientation, national origin, citizenship status, veteran status, pregnancy status, or any other conceived differences limit who we are and what we can accomplish!

Job Description

The Manager, Information Security is part of a global team and leads incident response for higher-severity cyber security incidents associated with our businesses, clients, and vendors. The Manager is technically skilled and ensures incident containment, remediation, and closure. This individual has hands-on experience in incident management and incident response and will direct work to drive incidents to closure. The Manager will be expected to work closely with the legal, data privacy, business, and client teams, and should be comfortable interacting with senior executives, including C-level staff.

Key Responsibilities and Duties:

  • Lead investigation of cyber security incidents of higher severity
  • Analyze compromised/potentially compromised systems
  • Coordinate evidence/data gathering and document security incident reports
  • Manage, review and present written and oral reports in a pertinent, concise, and accurate manner for distribution to management
  • Maintain security processes such as application security, vulnerability management and incident response
  • Maintain current knowledge of tools and best practices in advanced persistent threats, attacker tools, techniques, and procedures, forensics, and incident response
  • Perform complex forensic investigations into system breaches, data leaks, and system weaknesses
  • Provide technical expertise to staff on security incident monitoring, triage, response, threat & vulnerability management, and security analysis
  • Provide strategic direction on types of Incident Management activities that will drive efficiencies across the company

Qualifications

Key Responsibilities and Duties:

  • Lead the team and direct investigation of cyber security incidents of higher severity

Qualifications and Skills:

  • 4 or more years of experience in an analytical role as a network forensics analyst, threat analyst, incident responder, or security engineer/consultant
  • Experience managing, motivating, and mentoring direct reports
  • Strong working knowledge of Linux, Windows, and macOS systems
  • Experience developing and managing incident response programs
  • Expertise in analysis of TCP/IP network communication protocols
  • Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Knowledge of advanced computer exploitation methodologies
  • Proficient in social engineering, phishing, log analysis, and system administration
  • Understanding of how real-world exploits work and how attackers move laterally between internal systems and establish persistence
  • Strong general knowledge of security concepts and expertise in network and web application security issues

Additional Information

All your information will be kept confidential according to EEO guidelines.

This job description in no way states or implies that these are the only duties to be performed by the employee(s) currently in this position. Employee(s) will be required to follow any other job related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments.

A review of this position has excluded the marginal functions of the position that are incidental to the performance of fundamental job duties. All duties and responsibilities are essential job functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbent(s) will possess the skills, aptitudes, and abilities to perform each duty proficiently. Some requirements may exclude individuals who pose a direct threat or significant risk to the health or safety of themselves or others. The requirements listed in this document are the minimum levels of knowledge, skills, or abilities.

This document does not create an employment contract, implied or otherwise, other than an "at-will" relations
