Cisco Cybersecurity Incident Manager 

United States, Georgia, Atlanta 

298904373

The Cybersecurity Incident Manager is a senior role responsible for managing, documenting and communicating enterprise-level cybersecurity incidents.This crucial role involves the careful documentation and management of security incidents, ensuring our response is thorough and aligned with compliance and regulatory requirements. The Security Incident Manager will act as a key liaison between the central Security Operations Center (SOC) and internal stakeholders, facilitating clear communication with senior leadership and driving incident resolution.

Incident Response Leadership

• Lead all phases of incident response, including detection, analysis, containment, eradication, recovery and communication.
• Act as the primary decision-maker during cybersecurity incidents, coordinating efforts across technical and business teams.
• Ensure adherence to the organization's incident response framework and regulatory requirements.

2.Strategic Communication

• Serve as the main point of contact for incident updates to executive leadership and stakeholders.
• Provide detailed, actionable reports during and after incidents, including root cause analysis and mitigation strategies.

3.Collaboration and Coordination

• Collaborate with Corporate CSIRT, Incident Command, Cyber legal, IT, risk management, Data Protection and other departments to ensure a unified response.
• Engage with third-party vendors, Managed Security Service Providers (MSSPs), and law enforcement when necessary.

4.Preparation and Readiness

• Develop, maintain, and test incident response plans, playbooks, and escalation procedures.
• Conduct regular tabletop exercises and simulations to train and prepare teams.

5.Post-Incident Activities

• Oversee the generation of post-incident reports and ensure lessons learned are incorporated into future planning.
• Recommend security enhancements to prevent recurrence of incidents.

6.
Compliance and Reporting

• Ensure compliance with industry regulations and organizational policies during incident response.
• Stay updated on emerging threats and trends in cybersecurity to improve response capabilities.

Minimum Qualifications

• At least 8+ years of experience in cybersecurity
• Demonstrated experience managing large-scale cybersecurity incidents.
• Strong understanding of regulatory requirements and industry standards (e.g., CSL, DSL, PIPL, GDPR, HIPAA, PCI-DSS).
• Excellent written and verbal communication abilities in English

Preferred Qualifications

• 3+ years in an incident response or leadership role.
• Certifications such as CISSP, CISM, GIAC Certified Incident Handler (GCIH), Security+, or Certified Information Systems Auditor (CISA) preferred.
• Exceptional leadership and decision-making under pressure.
• Strong analytical and problem-solving skills.
• Collaborative mindset with an ability to manage cross-functional teams.
• Ability to coordinate 24 x 7 cross geographic incidents.