- Lead Incident Response, Threat Intelligence, Threat Hunting, Detection Engineering, Malware Analysis, and Security Analytics
- Act as escalation owner for high severity and complex incidents
- Demonstrates strong people management skills by effectively leading teams, mentoring talent, and driving performance and accountability
- Demonstrates strong decision-making capabilities during security incidents, enabling timely containment, risk mitigation, and effective resolution of incidents
- Drive RCA, CAPA, mock drills, tabletop exercises, and cyber crisis simulations
- Establish threat intelligence, TTP-based hunting, and APT/ransomware monitoring
- Review SIEM use case lifecycle, alert quality, and detection coverage
- Drive automation strategies like SOAR, BAS, deception, and cyber range automation initiatives
- Define and baseline the KPIs, KRIs, executive dashboards, and leadership reporting
- Strong reporting capabilities to send key updates to CISO and senior leadership team
- Strong collaboration with other functions (Governance, PRC, TechOps); act as trusted advisors
Domain->Infrastructure-Information Security Management->Business Continuity Management