Jobs.ca
Jobs.ca
Language
Gravity Conseil logo

CYBER INCIDENT RESPONSE COMMANDER

Gravity Conseil3 days ago
Verified
Remote
Remote
Senior Level
Full-time

About the role

Description

We are looking for a Cyber Incident Response Commander to join our team of consultants in Montreal office.

This position is remote.

Tâches

  • Maintain documentation and process particularly the incident response plan (IRP):

    • Maintain up to date IRP & appendix
    • Maintain the Plan in relationship with other plans and policies in effect
    • Refine the specific incident playbooks so that each actor is as relevant as possible
    • Improve process with legal, communication departments
    • Write IRPs contextualized to a specific scope (Ships, Region, Subsidiaries...)
    • Regroup lessons learned and provide improvement recommendations
    • Establish links between incidents
    • Provide evidence to external or internal auditors
  • Manage information security incidents:

    • Assume the Incident Commander role, bringing business and technical units to the table
    • Assess the incident severity
    • Declare major incidents officially based on risk and regulation criteria
    • Manage incidents according to the Plan and the included playbooks
    • Ensure each team member operates within their defined responsibilities and collaborates effectively with others
    • Prioritize Forensic activities
    • Analyse & prioritise Incidents
    • Follow mitigation & recovery
    • Communicate, notify, report
  • Other responsibilities:

    • Participate to Cyber Defense Center transversal collaboration activities
    • Participate to projects, improvements and compliance efforts related to CERT matters

Exigences

  • You hold relevant cybersecurity industry certifications, including:
    • GCFA
    • CIH
    • CISSP
    • CEH
    • ECSA
    • ITIL Foundation
  • Knowledge of security tools and techniques
  • Understanding of SOC and forensics techniques
  • You are from a STEM, cybersecurity or equivalent academic background, focused on rigor and optimization
  • You have 5 or more years of experience in a role with similar responsibilities, including CERT, SOC, SecOps or GRC
  • You know how to keep your cool under pressure and think straight in moments of chaos
  • You have a good understanding of information security incident management processes and methodologies (e.g.: ISO 27035, NIST framework or SANS 6-steps)
  • You can convey an information security message to an organization's management/executive
  • Experience in the transportation/shipping/logistics is a plus
  • You master oral and written English in a professional context

Qualities

  • Autonomy and proactive behavior
  • Excellent verbal and written communication
  • Analysis and synthesis capacity
  • Desire to engage with people and enable their success
  • Leadership and willingness to make things evolve
  • Capacity to work in an international environment with offshore personnel
  • Discretion about sensitive matters

About Gravity Conseil

Professional Services