CSIRT (Cyber Security Incident Response Team) Manager

Remote


People.ai

People.ai automates manual data entry, increases sales productivity, and provides actionable intelligence across all your management tools.


People.ai accelerates enterprise growth through the power of AI. With the industry’s only Revenue Intelligence System, People.ai frees all customer-facing teams, including sales, marketing, and customer success, from manual data entry by automatically capturing all contact and customer activity data, dynamically updating CRM and other systems of record, and providing actionable intelligence across management tools to realize the full selling capacity of the enterprise. Some of the world’s best brands are leveraging People.ai to transform their business, including Lyft, New Relic, Okta, Tanium, and Zoom.
At People.ai, we believe that people enrich the world around them in countless ways. We believe that the more time they spend applying their creativity, resourcefulness and critical thinking to activities that matter most in their professional life, the more effective a professional they become. We're developing a deep understanding of the professional world, mapping people, companies, and the information that flows between them through natural language processing and machine learning. Our team is a diverse, outspoken group of creatives and critical thinkers, hyper-focused on driving enterprise growth. We embrace different. We applaud non-traditional career paths. We're inspired by people who have made processes their own. 

Trust is the #1 InfoSec value. Are you the type of person that seeks out roadblocks or tough organizational issues and views those as an opportunity? Do you think of creative solutions to complex problems and solve them? Are you interested in driving product and program excellence in an enterprise-scale automated vulnerability assessment environment that collects vulnerability data from hosts across the stack and turns it into meaningful, actionable security intelligence? If so, join People.ai! Build a forward-looking, innovative, world-class Information Security organization that our Customers, Partners and Employees trust.

The CSIRT (Cyber Security Incident Response Team) Manager will be responsible for managing/building high-performing security incident response and threat intelligence capabilities to protect People.ai today and for the future. The manager would also be responsible for overseeing the Incident Response Program, which will include maturing the processes and the team in alignment with the goals of People.ai. In this role, you will be responsible for responding to security threats facing the company. You will build meaningful relationships with teams and management in many People.ai business units to drive implementation, execution, metrics, and sustainability of program objectives that allow security operations to continuously improve our ability to protect and respond to vulnerabilities and threats to our worldwide footprint. An ideal candidate is an experienced, highly motivated leader that embraces the opportunity to influence and evangelize security across the organization.

Responsibilities

  • Build Incident Response Capabilities
  • Establish IR procedures and processes.
  • Build IR playbook for the 1-4 scenarios, e.g., Ransomware, Cryptomining, Malware, IR Computer Forensics  
  • Execute 2-4 Disaster Recovery and Business Continuity scenarios.
  • Conduct 2-4 trainings for the company on IR procedures and processes.
  • Establish the root causes of issues and tackle them, rather than just the symptoms.
  • Build the day-to-day operations of the cybersecurity incident response queue in the United States, including addressing incoming escalations from executives.
  • Build the Threat Intelligence program, including identification, documentation and reporting on potential threats to the People.ai environment.

  • Operational Enrichment
  • Single Point of Contact for major events.
  • Manage incident response and forensic investigations, malware analysis, and red/purple team exercises.
  • Review incidents to ensure assigned resources are providing proper support to drive resolution as quickly as possible and adhere to People.ai’s incident response process.
  • Work with analysts to identify malicious activity and correlated events, evaluate known indicators of compromise (IOCs), and coordinate the appropriate containment steps through the incident management process.
  • Perform post-incident review of the process and steps taken to remediate an incident, suggest and implement improvements in the environment (such as improving technical controls) and/or improve the incident response process.
  • Keep up to date on information security threats and countermeasures.
  • Work as an internal security consultant, including operational oversight of cybersecurity solutions, including SIEM, MSSP, MDR, firewall, VPN infrastructure, secure web gateway, etc.
  • Development of metrics to quantify and monitor key process indicators (KPIs).
  • Identify and communicate potential threats, such as zero-day vulnerabilities and third party incidents that may impact the People.ai services.

  • Build Growth Plan and Communication   
  • The primary objective of this position is to update and execute the IR go-to-market strategy.
  • Establish the 12-18 months roadmap for the IR organization.
  • Recommend security enhancements and purchases consistent with information security strategy and evolving threats.
  • Ensure alignment and sound execution of the incident resolution process, with transparent communication to stakeholders and senior leadership.
  • Present security analysis, action plan and risks to different audiences and adjust the delivery accordingly (business, technical and management) using structured presentations.
  • Support our GRC leader in prioritization and delivery of security audit artifacts for internal and external security audits.
  • Effectively collaborate within Information Security teams as well as external teams in various lines-of-business to enable enhancements in response plans.

Requirements

  • Manage/build and develop a tactical and strategic high-performing Cyber Security Incident Response Team (CSIRT) and program.
  • First point of contact for internal and external incident reports, including outsourced Level 1 Incident response operations.
  • Effective interpersonal skills, out-of-the-box thinking and ability to interface with stakeholders, business and legal partners at all levels.
  • Must have the ability to interpret information security data and processes to identify potential security events.
  • Experience developing content or detection mechanisms in line with standard frameworks, for example the MITRE ATT&CK or the Cyber Kill Chain frameworks.
  • SME in at least two to three of the following: Threat and Vulnerability Management, Forensics, Threat Hunting and Red/Purple Teaming, Network/Firewall controls and/or Penetration Testing.
  • Proven experience with investigating cloud security incidents on AWS/GCP/Azure (AWS preferred) following well-known industry standards/frameworks/benchmarks (MITRE, NIST, CIS or equivalent).
  • Knowledge of securing/monitoring containerized environments (Kubernetes, S3).
  • Familiarity with multiple regulation and compliance standards such as NIST, ISO27001, SOC, HIPAA, GDPR, FedRAMP, etc.
  • Fundamental knowledge of core security concepts, including cloud skills (AWS preferred), networking and architecture.
  • Familiarity with automating security flows (SOAR) and threat intelligence.
  • The ideal candidate will have the following certifications: Certified Information Systems Security Professional (CISSP) OR Certified Information Security Manager (CISM).
  • Bachelor’s Degree In Computer Science or related discipline.
  • Ability to recruit, mentor, lead and build a success path for high-quality individuals and work as a team.
  • Must have the ability to handle multiple projects concurrently.
  • Must have excellent time management skills including the ability to prepare, prioritize and complete work plans independently.
  • Must have demonstrated ability to work with geographically diverse offices in a global organization.
  • Must have decision-making and problem-solving skills including the ability to clearly define and resolve issues.
People.ai stands alone in our ability to harness business activity to unlock growth for our customers. We’ve been awarded 49 patents and have an additional 50+ under review. We’ve also received validation via Gartner’s Hype Cycle for CRM Sales Technology, inclusion in Forrester’s New XX Wave, the Y Combinator Top Companies List, and the Forbes AI 50 list.
Headquartered in Redwood City, CA, People.ai is backed by Y Combinator and Silicon Valley’s top investors, including ICONIQ Capital, Andreessen Horowitz, Lightspeed Venture Partners, Akkadian Ventures, and Mubadala Capital. To learn more, visit us online at: www.people.ai
Job region(s): Worldwide/Anywhere