Sr Mgr CyberSecurity Incident Response
Mountain America Credit Union · Sandy, UT · 2 wk ago
Information TechnologyFull-time
Job Description
LOCATION: UTAH
9800 S. Monroe Street
Sandy, UT 84070
SCHEDULE: Full-Time hybrid in-office with some remote days
Key Responsibilities
- Lead the enterprise cybersecurity incident response program, including preparation, detection, containment, eradication, and recovery activities.
- Serve as the executive incident commander for high-severity cybersecurity events, coordinating technical teams, business stakeholders, and leadership.
- Define and maintain incident response plans, playbooks, escalation models, and crisis communication procedures.
- Conduct executive-level briefings during and after incidents, including post-incident reports, root cause analysis, and lessons learned.
- Oversee breach investigations, digital forensics, and evidence preservation in coordination with Legal and Compliance.
- Lead tabletop exercises, red/blue team simulations, and ransomware readiness scenarios.
- Lead the organization’s brand protection efforts to safeguard reputation and identity.
- Lead proactive threat-hunting initiatives to identify advanced threats, vulnerabilities, and anomalous activities across the enterprise environment.
- Define and maintain incident response plans, playbooks, escalation models, and crisis communication procedures.
Insider Threat Program Leadership
- Own and operate the enterprise Insider Threat Program, addressing malicious, negligent, and compromised insider risks.
- Define insider threat detection, triage, investigation, and response processes across people, process, and technology.
- Partner with HR, Legal, Privacy, and Risk Management teams to ensure investigations are lawful and appropriate.
- Implement behavioral, technical, and contextual monitoring capabilities.
- Establish governance, oversight, and separation of duties for insider investigations.
Security Operations & Capability Maturity
- Collaborate with SOC leadership to enhance monitoring, alerting, and response automation.
- Drive continuous improvement using metrics and maturity models.
- Translate threat intelligence into actionable detection and response strategies.
Governance, Risk, and Compliance
- Ensure alignment with regulatory frameworks including NCUA, FFIEC, and NIST.
- Support audits, regulatory exams, and breach notification requirements.
- Partner with Risk Management and Internal Audit to remediate gaps.
Leadership & Influence
- Lead and mentor incident response and insider threat professionals.
- Partner across IT, Digital Solutions, Legal, HR, Communications, and executives.
- Act as a trusted advisor during high-impact and sensitive situations.
KNOWLEDGE, SKILLS, AND ABILITIES
- Reasonable accommodations may be made to enable individuals with disabilities to perform the essential job functions.
- Education And Experience: 6+ years of experience in cybersecurity operations or incident response with progressive responsibility. 5+ years in a leadership role responsible for cybersecurity operations or incident response. Financial services or regulated industry experience preferred. Bachelor’s degree in a related discipline or equivalent experience required.
- Licenses, Certifications, Registrations: CISSP strongly preferred. GCIH, GCFA, CISM, CISA, or GIAC certifications highly desirable.
- Other Skills And Abilities: Expertise in incident response and digital forensics. Strong understanding of insider threat risk and investigations. Executive-level communication and leadership under pressure. Proven ability to balance security, privacy, and business needs. Strategic thinking. Problem-solving skills. Verbal/written communication skills. Leadership and talent management skills. Public speaking skills.
Physical Abilities / Working Conditions
- Physical Demands: Ability to sit, talk and hear consistently. Vision Requirements: Close vision (clear vision at 20 inches or less), distance vision (clear vision at 20 feet or more), color vision (ability to identify and distinguish colors).
- Weight Lifted or Force Exerted: Ability to lift up to 10 pounds frequently and up to 25 pounds occasionally.
- Environmental: There are no unusual environmental factors (such as a typical office). Noise Environment: Moderate noise (business office with computers and printers, light traffic).