The Cisco Talos Incident Commander will work within established methodologies to perform a variety of Incident Response related activities for Cisco customers. This will include emergency response to cyber incidents. It will from time to time also include proactively hunting for adversaries in customer networks, crafting and performing Table-Top Exercises, and performing IR Readiness Assessments. The Incident Commander will also be responsible for leading and working on projects that will support tactical and strategic business objectives. Demonstration of leadership abilities, clear and concise communication with a variety of team members, ability to lead during a crisis, personal agility to adapt to changing environments, and a strong comprehension of malware, emerging threats and calculating risk will be critical to success.
Who You’ll Work With
When you work with us, you will be part of a global team of highly empowered Incident Response and Cyber Threat Intelligence professionals who work as a collaborative team passionate about helping our clients be both better prepared to defend against adversaries on their network, as well as responding to active incidents within their network.
Who You Are
Both your clients and your colleagues consider you a personable, eloquent individual, and a born diplomat. You check your ego at the door and learn from others constantly, while also helping to educate those who are not as proficient as you are in technical or procedural topics. As a result, you have a track record of working diligently to help your clients and teammates and have even come up with some novel techniques in your time.
Required Skills
Respond to cyber incidents caused by internal and external threats to our customers, which may involve nontraditional working hours
Must be willing to occasionally travel with less than 24-hour notice, up to 20% of the time
Can clearly communicate the Incident Response Lifecycle and the Kill Chain (Charge) Life Cycle
Demonstrate capability to map technical findings to business impacts and communicate those in a manner which is understandable by a non-technical audience
Be able to scope an incident, gain consensus on objectives with customers, and lead a team of incident response consultants during an emergency engagement
Specialize in host centric analysis applying a variety of tools (e.g., F-Response, X-Ways, Volatility, Cisco Secure Endpoint, etc.)
Design, lead and participate in Table-Top Exercises with customers
Proactively seek for adversaries on customer networks maximising a variety of tools and techniques
Lead and perform Incident Response Readiness Assessments for customers
Draft communications, assessments, and reports that may be both internal and customer facing, to include leadership and executive management
Understanding of different charges and how best to craft custom detection, containment, and remediation plans for customers
Serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams. As needed, manage relationships with business partners, management, vendors, and external parties
Lead projects as advised
Be a champion for the process. Develop and document processes to ensure consistent and scalable response operations
Demonstrate industry leadership through blog posts and public speaking at conferences and events
Bachelor's Degree in Computer Science or a related technical degree; or equivalent industry experience
Minimum 5 years of experience in information security and 4 years of experience handling incidents
Must be willing to be on-call and work off-shift hours, to include nights, weekends, and holidays
Desired Characteristics
Detailed understanding of current cyber security threats, charges, and countermeasures, such as Ransomware, Cyber Crime, Hacktivism, and associated tactics and techniques.
Consistent track record of understanding, and curiosity about, recognized IT Security-related standards and technologies, proven through training, job experience and/or industry activities.
IT Security Certifications
Industry certifications such as the CISSP, CISM, CISA, GCIH, CFCE, GCFA, and/or GCFE
Why Cisco Talos IR
We always strive to do the right thing, for our team, for our customers, and for the world!
Why Cisco?
#WeAreCisco. We are all unique, but collectively we bring our talents to work as a team, to develop innovative technology and power a more inclusive, digital future for everyone. How do we do it? Well, for starters – with people like you!
Nearly every internet connection around the world touches Cisco. We’re the Internet’s optimists. Our technology makes sure the data traveling at light speed across connections does so securely, yet it’s not what we make but what we make happen which marks us out. We’re helping those who work in the health service to connect with patients and each other; schools, colleges, and universities to teach in even the most challenging of times. We’re helping businesses of all shapes and sizes to connect with their employees and customers in new ways, providing people with access to the digital skills they need and connecting the most remote parts of the world – whether through 5G, or otherwise.
We tackle whatever challenges come our way. We have each other’s backs, we recognize our accomplishments, and we grow together. We celebrate and support one another – from big and small things in life to big career moments. And giving back is in our DNA (we get 10 days off each year to do just that).
We know that powering an inclusive future starts with us. Because without diversity and a dedication to equality, there is no moving forward. Our 30 Inclusive Communities, that bring people together around commonalities or passions, are leading the way. Together we’re committed to learning, listening, caring for our communities, whilst supporting the most vulnerable with a collective effort to make this world a better place either with technology, or through our actions.
So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us! #WeAreCisco