About the role
Description
We are looking for a Cyber Incident Response Commander to join our team of consultants in our Montreal office.
This position is remote.
Tasks
Maintain documentation and processes, particularly the incident response plan (IRP):
- Maintain an up-to-date IRP and appendix
- Maintain the Plan in relationship with other plans and policies in effect
- Refine the specific incident playbooks so that each actor is as relevant as possible
- Improve processes with the legal and communication departments
- Write IRPs contextualized to a specific scope (Ships, Region, Subsidiaries...)
- Gather lessons learned and provide improvement recommendations
- Establish links between incidents
- Provide evidence to external or internal auditors
Manage information security incidents:
- Assume the Incident Commander role, bringing business and technical units to the table
- Assess the incident severity
- Declare major incidents officially based on risk and regulation criteria
- Manage incidents according to the Plan and the included playbooks
- Ensure each team member operates within their defined responsibilities and collaborates effectively with others
- Prioritize forensic activities
- Analyse and prioritise incidents
- Follow mitigation & recovery
- Communicate, notify, report
Other responsibilities:
- Participate in Cyber Defense Center transversal collaboration activities
- Participate in projects, improvements and compliance efforts related to CERT matters
Requirements
- You hold relevant cybersecurity industry certifications, including:
  - GCFA
  - CIH
  - CISSP
  - CEH
  - ECSA
  - ITIL Foundation
- Knowledge of security tools and techniques
- Understanding of SOC and forensics techniques
- You are from a STEM, cybersecurity or equivalent academic background, focused on rigor and optimization
- You have 5 or more years of experience in a role with similar responsibilities, including CERT, SOC, SecOps or GRC
- You know how to keep your cool under pressure and think straight in moments of chaos
- You have a good understanding of information security incident management processes and methodologies (e.g., ISO 27035, NIST framework or SANS 6-steps)
- You can convey an information security message to an organization's management/executives
- Experience in transportation/shipping/logistics is a plus
- You have mastered oral and written English in a professional context
Qualities
- Autonomy and proactive behavior
- Excellent verbal and written communication
- Analysis and synthesis capacity
- Desire to engage with people and enable their success
- Leadership and willingness to make things evolve
- Capacity to work in an international environment with offshore personnel
- Discretion about sensitive matters