Secureworks® (NASDAQ: SCWX) a global cybersecurity leader, enables our customers and partners to outpace and outmaneuver adversaries with more precision, so they can rapidly adapt and respond to market forces to meet their business needs. With a unique combination of cloud-native, SaaS security platform and intelligence-driven security solutions, informed by 20+ years of threat intelligence and research, no other security platform is grounded and informed with this much real-world experience. www.secureworks.com

We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team. 

Role Overview

The IR Incident Commander is a senior level consultant, who leads the response to our customers' major cybersecurity incidents, coordinating with customers, Secureworks teams and partners to effect an expeditious and secure recovery of business operations. 

This position requires up to 25% travel with possible extended assignments for large incidents.

Role Responsibilities

• Serve as a trusted advisor and subject matter expert to customers and guide customers' senior leadership through managing business impacts and risk mitigation associated with a cyber incident or data breach ensuring customer satisfaction

• Act as the incident commander in specific engagements and lead company remediation functions coordinating with IR and Threat Intelligence delivery teams to handle inquiries, briefings, and customer-facing status reports in a variety of formats.

• Develop incident response containment plans and remediation strategies; present strategic and tactical plans both orally and in written reports for customers and all involved third parties.

• Execute and enhance incident command and remediation workflows, ensuring that defined standards are suitable to support multiple IR service delivery teams for cyber incidents ranging from single system compromises, full network intrusions, and crisis events.

• Participate in customer outreach and service delivery checkpoint efforts for enterprise tier and incident management retainer customers.

• Participate in the technical peer review process for cyber incident response and threat hunting engagement deliverables.

• Coordinate with IR and Threat Intelligence delivery teams to handle inquiries, briefings, and customer-facing status reports in a variety of formats.

Minimum Requirements

• Professional degree relevant to technology or cybersecurity or 10+ years of equivalent documented experience in described role tasks. 

• Strong technical communication skills (oral and written) and customer demeanor, including experience briefing executive management and a desire to work with customers to solve complex cybersecurity events and crisis situations

• Strong understanding of cyber threat actor intrusion techniques and the ability to create customized strategic and tactical remediation plans for compromised organizations

• Minimum ten (10) years of experience in cybersecurity operations or in incident response

• Minimum three (3) years managing an Incident Response Team

• 10-12 years of relevant experience or equivalent combination of education and work experience

• Ability to travel on short notice, up to 25% of the time.

Preferred Skills

• Technical or professional certifications such as CISSP, CISA, CISM, or GCFE

• Experience mentoring and  leading teams of technical staff

• Former CISO or senior security leader in a business

• Former law enforcement with expertise in large cyber crime cases or former military with experience managing military cyber defense capabilities

• Experience managing and conducting cyber incident response investigations for nation state threat actors, organized cyber crime, and hacktivists

• Proven track record in developing/cultivating  IR business and customer relationships

• Minimum three (3) years of experience in project management methods

• International data privacy and cybersecurity control regulatory framework knowledge and experience