Cyber Security Consultant

Top 3-5 Must Have Skills for the Position:

• Executive-facing leadership and communication presence; ability to engage Legal, C-suite, and CISO effectively during incidents; strong incident communications leadership, including clear, effective C-suite communication during major incidents.
• Strong incident response technical background (prior hands-on IR experience) to mentor, guide, and set technical direction, without being hands-on in the role; deep technical cybersecurity knowledge sufficient to vet candidates and train/mentor the team, even if not hands-on during incidents.
• Proven ability to build and formalize IR processes: documentation, playbooks, runbooks, incident plans, and readiness exercises; process design, documentation excellence, and governance to ensure consistent, effective incident handling and operations.
• On-call, high-pressure incident mindset; willingness to handle unpredictable hours, urgent escalations, and possibly travel for major incidents; experience leading remote, globally distributed teams; ability to mentor and upskill a maturing IR function; experience in a global/large-scale enterprise.
• Familiarity with industry-standard security toolsets (e.g., EDR like CrowdStrike, Zscaler, WAFs like Akamai, SIEMs like Splunk/Cribl) and ability to consult with architecture/engineering; experience with regulatory/maturity frameworks (e.g., understanding of CMMC environment) to improve oversight and interaction with existing mature systems; US Citizenship is non-negotiable due to ITAR; experience in regulated environments (finance minimum; ITAR/CMMC plus).

Job Description:

The Senior Manager of Incident Response is the leader responsible for global incident detection and response capabilities. This role provides strategic direction and operational leadership for a globally distributed incident responsible team tasked with protecting our Corporation and its Operating Companies (OpCos).

Serving as the primary incident commander during significant security events, this leader ensures disciplined execution and clear executive decision support. The role combines deep technical expertise in digital forensics and incident response (DFIR) with executive presence, sound judgement, and composure under pressure.

A critical component of this position is maintaining alignment with US International Traffic in Arms Regulations (ITAR) and Cybersecurity Maturity Model Certification (CMMC) requirements, reinforcing our commitment to operational resilience, regulatory rigor, and risk-informed governance.

Key Responsibilities

• Lead, mentor, and scale a 24/7 global response team, overseeing talent strategy, performance management, and professional development to deliver a high-performance culture grounded in technical excellence, accountability, continuous learning, and rapid disciplined execution.
• Serve as the primary incident commander for significant and enterprise-impacting security events. Direct and coordinate cross-functional response efforts across IT, Legal, HR, Communications, executive leadership, and external partners to ensure rapid containment, recovery, and resolution.
• Own and continuously improve incident response processes to ensure adherence to ITAR data sovereignty requirements and CMMC Level 1-3 requirements.
• Ensure accurate, defensible incident reporting, documentation, and audit readiness aligned with regulatory and legal expectations.
• Define and execute the long-term incident response strategy and roadmap, including the adoption of advanced Security Orchestration, Automation, & Response (SOAR) capabilities and Extended Detection & Response (XDR) frameworks.
• Drive measurable improvements in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through process optimization, tooling, and skills development.
• Develop, maintain, and mature incident response plans, playbooks, and tabletop exercises to ensure organizational readiness across global business units.
• Lead post-incident reviews and translate lessons learned into actionable improvements controls, processes, and response capabilities.
• Translate complex technical findings into clear, concise, risk-based reports for C-Suite during and following significant security events.
• Serve as a trusted advisor to senior leadership on response readiness, cyber resilience, and incident risk posture.
• Oversee proactive threat hunting initiatives and integrate tactical threat intelligence into the incident lifecycle.
• Advance the organization from reactive response to predictive, data-driven defense.

Qualifications

• 10 years of progressive experience in Cyber Security within a large-scale global enterprise.
• 5 years in a dedicated incident response leadership role.
• Professional certifications such as CISSP, GCIH, GCFA, or CISM are highly desirable.
• Bachelor’s degree in computer science, Cyber Security, or a related field. A master’s degree is a plus.
• Demonstrated experience managing security operations within ITAR-controlled environments.
• Strong working knowledge of CMMC frameworks, compliance, and response requirements.
• Proven track record of managing global teams across multiple time zones and cultures.
• Experience managing third-party Managed Security Service Providers (MSSPs) preferred.
• Demonstrated ability to lead decisively during high-pressure, high-visibility security events.
• Ability to balance deep technical analysis with risk management and business priorities.
• Strong judgement in ambiguous environments and scenarios with incomplete information.
• Exceptional written & verbal communication skills, including delivery of clear messaging during high-stress events.
• Hands-on experience with EDR / XDR platforms, SIEM technologies, and forensic toolsets.
• Strong knowledge of MITRE ATT&CK framework and cloud security architecture.
• Due to ITAR requirements, candidates must be a "U.S. Person" as defined by 22 C.F.R.
• 120.15 (U.S. Citizen, permanent resident, or protected individual).