Manager, Information Security (Incident Response)
Re:Sources is the backbone of Publicis Groupe, the world’s third-largest communications group. Formed in 1998 as a small team to service a few Publicis Groupe firms, Re:Sources has grown to 4,000+ people servicing a global network of prestigious advertising, public relations, media, healthcare and digital marketing agencies. We provide technology solutions and business services including finance, accounting, legal, benefits, procurement, tax, real estate, treasury and risk management to help Publicis Groupe agencies do what they do best: create and innovate for their clients.
In addition to providing essential, everyday services to our agencies, Re:Sources develops and implements platforms, applications and tools to enhance productivity, encourage collaboration and enable professional and personal development. We continually transform to keep pace with our ever-changing communications industry and thrive on a spirit of innovation felt around the globe. With our support, Publicis Groupe agencies continue to create and deliver award-winning campaigns for their clients.
The company is a premier shared services company serving the financial, technological and administrative needs of U.S.-based business units of the world’s fourth largest Communications company. With 2020 revenues of nearly 9 billion Euros, the parent company specializes in Advertising, Digital, Media buying and consultancy. The parent company is present in 100+ countries on 5 continents, with 80,000 employees.
The company was the first and remains the largest shared services operation in the communications industry in the United States. Founded in 1997 and headquartered in New York City, it provides highly effective support services in the areas of finance, administration, transaction processing and Information Technology.
Job Description
The Manager, Information Security is part of a global team and leads incident response for higher severity cyber security incidents that are associated with our businesses, clients, and vendors; is technically skilled and ensures incident containment, remediation, and closure. This individual has hands-on experience in incident management and incident response and will direct work to drive incidents to closure. The Manager will be expected to work closely with the legal, data privacy, business, and client teams. They should be comfortable with interacting with senior executives including C-level staff.
- Lead the team and direct investigation of cyber security incidents of higher severity
- Analyze compromised/potentially compromised systems
- Coordinate evidence/data gathering and document security incident reports
- Manage, review and present written and oral reports in a pertinent, concise, and accurate manner for distribution to management
- Maintain security processes such as application security, vulnerability management and incident response
- Maintain current knowledge of tools and best practices in advanced persistent threats, tools, techniques, procedures of attackers, forensics, and incident response
- Perform complex forensic investigations into system breaches, data leaks, and system weaknesses
- Provide technical expertise to staff on security incident monitoring, triage, response, threat & vulnerability management, and security analysis
- Provide strategic direction on types of Incident Management activities that will drive efficiencies across the company
- 4 or more years of experience in an analytical role of either network forensics analyst, threat analyst, incident response or security engineer/consultant
- Experience managing, motivating, and mentoring direct reports
- Strong working knowledge in Linux, Windows, and MacOS systems
- Experience developing and managing incident response programs
- Expertise in analysis of TCP/IP network communication protocols
- Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
- Knowledge of advanced computer exploitation methodologies
- Proficient in social engineering, phishing, log analysis, system administration
- Understanding of how real-world exploits work and how offensive attackers move laterally between internal systems and establish persistence
- Strong general knowledge of security concepts and expertise in network and web application security issues
- Experience with a scripting language such as Perl, Python, or other scripting language in an incident handling environment
- Experience with forensic investigation tools such as EnCase, FTK, Sleuthkit, Kali Linux
- Technical aptitude, with the ability to effectively communicate with a working knowledge of all areas of IT
- Capable of solving complex problems and distilling relevant findings and root causes
- Proven ability and experience of working in a high-pressure, fast paced environment where bold, time critical decision making is essential
- Demonstrated experience interpreting and analyzing Incident reporting, including both proactive and reactive metrics
- Strong communication (written and oral) and customer interaction skills
- Able to use independent judgement to plan, prioritize and organize a diversified workload
- Excellent ability to lead a technical team in a fast-paced and global work environment
All your information will be kept confidential according to EEO guidelines.
This job description in no way states or implies that these are the only duties to be performed by the employee(s) currently in this position. Employee(s) will be required to follow any other job related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments.
A review of this position has excluded the marginal functions of the position that are incidental to the performance of fundamental job duties. All duties and responsibilities are essential job functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbent(s) will possess the skills, aptitudes, and abilities to perform each duty proficiently. Some requirements may exclude individuals who pose a direct threat or significant risk to the health or safety of themselves or others. The requirements listed in this document are the minimum levels of knowledge, skills, or abilities.
This document does not create an employment contract, implied or otherwise, other than an "at-will" relationship.