Cybersecurity Incident Manager

Meet the Team
We are looking for a seasoned, detail-oriented Security Incident Manager to join our security team. The Cybersecurity Incident Manager is a senior role responsible for managing, documenting and communicating enterprise-level cybersecurity incidents. This crucial role involves the careful documentation and management of security incidents, ensuring our response is thorough and aligned with compliance and regulatory requirements. The Security Incident Manager will act as a key liaison between the central Security Operations Center (SOC) and internal stakeholders, facilitating clear communication with senior leadership and driving incident resolution. This individual will drive teams to ensure timely detection, containment, eradication, and recovery from cyber threats while minimizing operational disruptions.
Your Impact
Incident Response Leadership
* Lead all phases of incident response, including detection, analysis, containment, eradication, recovery and communication.
* Act as the primary decision-maker during cybersecurity incidents, coordinating efforts across technical and business teams.
* Ensure adherence to the organization's incident response framework and regulatory requirements.
2. Strategic Communication
* Serve as the main point of contact for incident updates to executive leadership and stakeholders.
* Provide detailed, actionable reports during and after incidents, including root cause analysis and mitigation strategies.
3. Collaboration and Coordination
* Collaborate with Corporate CSIRT, Incident Command, Cyber legal, IT, risk management, Data Protection and other departments to ensure a unified response.
* Engage with third-party vendors, Managed Security Service Providers (MSSPs), and law enforcement when necessary.
4. Preparation and Readiness
* Develop, maintain, and test incident response plans, playbooks, and escalation procedures.
* Conduct regular tabletop exercises and simulations to train and prepare teams.
5. Post-Incident Activities
* Oversee the generation of post-incident reports and ensure lessons learned are incorporated into future planning.
* Recommend security enhancements to prevent recurrence of incidents.
6. Compliance and Reporting
* Ensure compliance with industry regulations and organizational policies during incident response.
* Stay updated on emerging threats and trends in cybersecurity to improve response capabilities.
Minimum Qualifications
* At least 8+ years of experience in cybersecurity
* Demonstrated experience managing large-scale cybersecurity incidents.
* Strong understanding of regulatory requirements and industry standards (e.g., CSL, DSL, PIPL, GDPR, HIPAA, PCI-DSS).
* Excellent written and verbal communication abilities in English
Preferred Qualifications
* 3+ years in an incident response or leadership role.
* Certifications such as CISSP, CISM, GIAC Certified Incident Handler (GCIH), Security+, or Certified Information Systems Auditor (CISA) preferred.
* Exceptional leadership and decision-making under pressure.
* Strong analytical and problem-solving skills.
* Collaborative mindset with an ability to manage cross-functional teams.
* Ability to coordinate 24 x 7 cross geographic incidents.
#WeAreCisco
#WeAreCisco where every individual brings their unique skills and perspectives together to pursue our purpose of powering an inclusive future for all.
Our passion is connection-we celebrate our employees' diverse set of backgrounds and focus on unlocking potential. Cisconians often experience one company, many careers where learning and development are encouraged and supported at every stage. Our technology, tools, and culture pioneered hybrid work trends, allowing all to not only give their best, but be their best.
We understand our outstanding opportunity to bring communities together and at the heart of that is our people. One-third of Cisconians collaborate in our 30 employee resource organizations, called Inclusive Communities, to connect, foster belonging, learn to be informed allies, and make a difference. Dedicated paid time off to volunteer-80 hours each year-allows us to give back to causes we are passionate about, and nearly 86% do!
Our purpose, driven by our people, is what makes us the worldwide leader in technology that powers the internet. Helping our customers reimagine their applications, secure their enterprise, transform their infrastructure, and meet their sustainability goals is what we do best. We ensure that every step we take is a step towards a more inclusive future for all. Take your next step and be you, with us!
Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.