
Sr Director, Incident Response
Paramount
New York, NY
This was removed by the employer on 12/5/2023 2:33:00 PM PST
This is a Full Time Job
Overview & Responsibilities
Paramount is seeking a Senior Director of Incident Response to join its Global Information Security Group. This position will be a vital leader of the Threat Response team, leading the Cyber Security Incident Response Team (CSIRT) activities and capabilities development with the support of SOC analysts and incident responders globally using a wide variety of tools. As the CSIRT leader, the candidate will be responsible for maturing and maintaining a global program that aligns with leading industry standards, advice, and direction. This involves operating and continually improving existing CSIRT processes, as well as the development of new processes in response to evolving threats and business requirements.
• Provide leadership and guidance, acting as the main contact for senior management, being the 24/7 senior focal point for incident management within the enterprise, directing the CSIRT in appropriate response and actions.
• Oversee the continuous monitoring, identification, intake, triage, response, remediation and resolution of security incidents while prioritizing incidents based on risk or exposure.
• Responsible for a team of managers and SOC analysts who continuously perform monitoring and triage of collected information and alerts to determine what is actionable.
• Ensure continual development of full security incident management lifecycle, from incident analysis, coordination, response to remediation and reporting with planned tabletop exercises.
• Leverage input from Cyber Threat Intelligence (CTI) team, including strategic, operational and tactical intelligence to benefit SOC tuning and incident response.
• Direct activities of service providers to deliver cost-effective and efficient SOC operations and incident response while ensuring fulfillment of SLAs.
• Work closely with other senior information security, privacy and business leaders on potential data breaches and other security or privacy incidents.
• Develop and mentor staff through open communication, training and development opportunities, and performance management processes.
• Build and maintain documentation/knowledgebase of playbooks, processes, procedures and archival of security incidents.
• Production of quality incident reports, briefings and on-demand assessments to be consumed both at the executive and technical practitioner level.
• Develop and maintain objectives, metrics and KPIs supporting the department's strategic direction and continuously improve SOC capabilities.
• Outcomes will be used to inform Paramount's overall cybersecurity strategy, providing leadership with valuable detection and response insights, allowing proactive and tactical controls to be implemented.
• Availability during off-hours and holidays.
Basic Qualifications
• 7 years of technical security experience, with 5 years of experience leading a cyber incident response or security operations team within a large enterprise organization.
• Deep technical understanding of SIEM, SOAR, EDR, firewalls, network and email security tools with a variety of enterprise IT and cloud-based architectures and technologies, such as networking, server infrastructure, operating systems, web applications, databases, containerization and mobile
Additional Qualifications
• Strong leadership and interpersonal skills with executive management.
• Excellent operational rigor with extensive real-world experience leading and responding to large scale, complex incidents.
• Solid grasp of common cyber frameworks and models such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model, Pyramid of Pain, DeTT&CT and modern penetration testing techniques.
• Minimum of one of the following certifications: CISSP, SANS GCIH, GSOC, GSOM, GCIA, GPEN, GMON, GCDA, GDAT or certifications relating to security operations or incident response.
• Solid understanding of incident response processes, workflows, communications and reporting, issues and cross-depar