▷ 15h Left: Senior Security Lead

Description Purpose As a member of the Cyber Incident Response Team within the global Cyber Incident Response CIRC you will play a key role in investigating security incidents identified through infrastructure monitoring This includes addressing potential hacking attempts intrusions malware infections information mishandling and other security threats that could negatively impact VS Co You will also provide support during major incidents and investigations as well as engage in ad-hoc threat hunting purple teaming tabletop activities Conduct investigations of security incidents providing analysis and recommending corrective actions to address identified threats Participate in ad-hoc threat hunting activities to proactively identify and neutralize potential security threats Coordinate with internal teams to support a comprehensive security response Operate endpoint security and SIEM and EDR solutions to detect analyse and respond to cyber threats Serve as a focal technical lead and primary contact for complex incidents providing hands-on investigation and support Conduct sophisticated and malware analysis to understand the scope and nature of threats Facilitate document and manage root cause analysis and post-incident review process including tracking all action items and lessons learned through to implementation Lead the full incident lifecycle from detection and triage to containment eradication and recovery ensuring the timely and effective resolution of threats Facilitate root cause analysis and post-incident reviews documenting lessons learned and tracking action items for implementation to prevent future incidents Train coach and mentor junior incident responders sharing knowledge and helping them develop the skills to handle complex situations independently Identify opportunities to enhance the incident response program by improving detection fidelity developing new tools and updating incident response playbooks Communicate effectively with management stakeholders and technical teams regarding Sev1 Sev 2 incident progress and remediation efforts Proactively hunt for adversaries and potential compromises within networks even when no active incident is reported Business Strategy Possess deep functional knowledge expertise to coach guide associates to build process capability Identify develop SME talent in collaboration with the TL Managers Relationship Management Work closely with the respective teams Collaborate and build strong relationship with functional teams to ensure required support for coaching streamlining and enhancement of processes Work with cross regional partners Vendor management Excellent collaboration skills and the ability to influence team members00 VS Co provides a range of compensation for this role as shown Your actual salary will be determined by a number of factors including your specific skills and experience geographic region or other relevant factors Qualifications Education Skill Bachelor s Degree in Information Technology Information Security or equivalent experience in technology Strong understanding of digital forensics e g Splunk and Experienced with responding to major cyber incidents in a primarily Windows environment experience with a heavily mixed Linux Windows environment is a plus Preferred someone Certified in SANS GCIH Familiarity with cybersecurity frameworks such as NIST and ISO 27001 Has used forensic analysis to investigate potential breaches with supporting detail to determine attack vectors the scope of the incident and affected systems Strong leadership communication and problem-solving skills Ability to work under pressure and manage multiple security priorities Work Experience Minimum 12-15 Years of experience Leading Cyber Incident response teams Prior people process technology management experience Knowledge of cloud technologies and cloud infrastructures such as Azure GCP AWS O365 Experience with conducting log analysis across different components of a typical organisation estate e g OS network cloud Has experience in assessment evaluate prioritization of Security risk Understanding of various security controls and how they are used to detect and mitigate risk Prior experience in negotiating and managing security-related contracts with external providers