VP Cyber Security Incident Detection & Response
SECU · Raleigh-Durham-Chapel Hill Area · 3 mo ago
Information TechnologyFull-time
Essential Responsibilities
- Lead, mentor, and develop a team of security professionals dedicated to incident detection, triage, investigation, response, SIEM engineering, and forensics.
- Oversee the design, implementation, and optimization of security incident detection and response processes, ensuring rapid and effective containment and resolution of threats. Lead post-incident reviews and root-cause analyses to drive continuous improvement in security posture and incident handling.
- Develop and maintain incident response plans, playbooks, and escalation procedures aligned with industry best practices. Collaborate with cross-functional teams, including IT, legal, compliance, and risk management, to coordinate incident response efforts and ensure regulatory compliance.
- Manage and enhance the Security Information and Event Management (SIEM) infrastructure to ensure comprehensive monitoring, threat detection, and actionable alerting.
- Provide regular reporting and updates to executive leadership regarding incident trends, response effectiveness, and emerging threats.
- Stay abreast of the latest cybersecurity trends, attack techniques, and technologies to continuously improve the team’s capabilities. Foster a culture of proactive threat hunting and ongoing training within the incident response team.
Required Education & Experience
- Bachelor’s degree and 7 years of direct experience with at least 1 year of experience in a leadership role.
- Must have Information technology and/or financial Institution or related field experience.
- 7 total years of experience in cybersecurity with 5 years of incident response, SOC operations or related field.
- Expertise with security incident management: collection, detection, triage, investigation and response, collection monitoring, proactive threat hunting, SIEM and detection engineering, reporting and metrics.
Preferred Education & Experience
- Bachelor’s degree in computer science, Information Security, or related field.
- 7 total years of experience in cybersecurity with 5 years of incident response, SOC operations or related field. With 2 years in a supervisory or lead role.
- Relevant certifications (e.g., CISSP, CISM, GSOM, GCIA, GCIH, GCFA) or other relevant industry certification and/or desire to obtain such certifications.