Senior Manager, Cyber Operations - Incident Response
Company Otis
Location Remote
Preferred GIAC Certifications GCIH GCIA GCFA GCFE
Travel 10%
Salary Not provided
Contact Name Otis HR
Contact Email careers/at/
Expires 2023-10-06

Job Description

Date Posted: 2023-08-01
Country: United States of America
Location: OTCTH: Connecticut Home Offices Remote Location, Remote City, CT, 06032 USA

At Otis, we move billions of people every day. How? Through our talented team of more than 68,000 employees who are passionate about what we do and what’s next. From our foundation of excellent products (escalators, elevators and moving walkways) to our next chapter of digital transformation, this is a great time to join us.

The Senior Manager, Cyber Operations – Incident Response will lead Incident Response activities, and will be responsible for isolating, analyzing, containing, and eradicating cyber-attacks and the malware responsible for incidents. The IR Lead will guide a team of shared SOC/IR analysts during significant incidents/investigations, responding efficiently and effectively to resolve threats and minimize impact to the organization.”

Essential Responsibilities:

This role is responsible for escalation of response activities and the notification and engagement with the respective stakeholders during cyber events
The IR Lead will be familiar with the known forms of attack/tactics which are described in the MITRE ATT&CK framework, and will anticipate the evolution of threat actor tools, techniques, and practices in response
Manage the 24x7 Cybersecurity Incident Response program, including staff, vendors, and technologies that support the program
Manage the creation and continual improvement of IR Playbooks, Runbooks, and other key processes used to support the IR function
Manage the development and maturity of the Incident Response Lab capabilities.
Collect and analyze system alerts, logs, and other artifacts, and evaluate whether unauthorized access or information exfiltration occurred when working an incident
Manage the Email Fraud Detection program in correcting deficiencies with the implementation of email security controls

A bachelor’s or master’s degree in information security, computer science, computer engineering or a related discipline, or equivalent relevant work experience, is required
Experience or certification in Security and/or Incident Handling is preferred (e.g., CISSP, CISM, GCIH, CEH, etc.)
Basic Qualifications

Previous experience developing or leading a Cyber Security Incident Response Program
Hands on experience analyzing malware, negotiating ransomware, and creating Incident Response playbooks
Technical experience with forensic tools
Strong leadership abilities to lead IR activities, notify incident activities, and to work with C-level executives when the severity level of an incident breaks a threshold for notifying the Executive Leadership Team, including the Privacy Office and the Legal Team
Excellent communication skills, with experience influencing all levels of an organization - from technical engineers to senior management
5+ years in the information security field, at least 2 of which were in leading or managing Incident Response Teams
Experience in running projects, assigning, tracking, and managing tasks
Familiarity in management of an IR Lab, including management of sandbox, tracking personnel access, ensuring IR tools are functional and up to date, etc.
Preferred Qualifications

Incident response and intrusion analysis specific certifications such as GCIH, GCIA are a plus. Forensic certifications (GCFA/GCFE, CCFE, etc.) are also advantageous in this role