VMware Security Incident Manager - Opportunity for Working Remotely in Indianapolis, Indiana
This role is fully remote and can be done anywhere in the US.
Why will you enjoy this new opportunity?
You shall assume ownership of Incident Management function for the region you would be based out of, serving the Incident Response teams by managing the Incident and enabling technical staff to focus on the investigation. If you love to take ownership and lead recovery, while navigating the chaos of an Incident, then this role is for you! We are growing at a rapid pace and need an experienced Incident manager to orchestrate the response, you shall have support from experienced DFIR professionals, Threat Hunters and Incident Responders in this endeavor. You will get to do all this, while enjoying the company of team members, who love memes and gifs. Above all, you get to work in a culture where new ideas and calculated risks are strongly encouraged and appreciated.
As this is a Senior Level position, we are seeking candidates with extensive experience in challenging environments and managing Information Security Incidents, ideally with a background in Incident Response. In collaboration with a global team of fellow Incident Managers.
What is primary need, technical challenge, and/or problem you will be responsible for?
We are looking for someone who can collaboratively build a program that caters to the Incident Response function, by managing the Incidents. You shall be playing a pivotal role, right from the preparation stage by ensuring that proper workflows are in place with critical stakeholders (Legal, Privacy, Product Security Incident Response and other Service oriented Incident Management teams) and all the way to the Post-Incident stage by coordinating and conducting lessons learned, with a “customer first” and service-oriented mindset.
Success in the Role: What are the performance goals over the first 6-12 months you will work toward completing?
Develop Key Incident Management and Escalation workflows with Response teams (Detection and Response team and Security Intelligence and Response Team)
Develop Metrics and KPIs to identify key areas of development across the Incident Response Lifecycle
Develop and publish schedules to conduct live fire/table-top exercise with the response teams
Develop efficient Incident communication templates (Including, but not limited to Executive Update Templates, Incident Report templates etc.)
Work with service-oriented Incident management teams to develop cross functional workflows, to ensure seamless flow of information and task hand overs among the various stakeholders
What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?
You would be responsible for establishing a Cross Functional Incident Handling Team (when an Incident occurs) and engage the resources (varying from technical resources like Incident Responders to key stakeholders like Legal, Privacy, Corporate Communications, Product Security etc.) needed to remediate the incident, and actively manage the Incident through closure
You would define key SLOs that need to be in place for Incident Management (Around reporting to Executives, Timely reports to key stakeholders etc.) and ensure that all key details are being accurately captured in the Incident Management Platform during the Incident and hand-off post incident action items to the relevant teams
You would assist with internal/external audit requests around Incident Response
You would handle all communications (Shift Hand over Updates, Executive Updates, Incident reports) during/after an Incident
You would conduct and document Lessons learned regularly and hand-off post incident action items to the relevant teams
Document key risks after Incident closure, bring attention to top risks and drive remediation with concerned teams
Assist with management of customer queries related to impact from breach/vulnerabilities, in association with Legal and Governance Teams
You would be responsible for keeping the Incident Processes/Procedures up to date
You would conduct tabletop exercises with response teams every quarter
You would be working with globally dispersed teams, ability to connect with your peers across the globe is essential for success in this role
Required Skills and Experience
Prior experience in Security Incident Management, preferably at a multi-national entity
Strong Understanding of Threat Landscape and hands on experience in Incident Response
Ability to function in high stress situations with utmost professionalism and a sense of urgency to address an Incident
Excellent written and verbal communication skills, ability to present to technical and non-technical audience
Keen eye for attention to detail and self-driven approach to identifying and solving problems
This position occasionally requires being available outside of regular office hours and weekends, during Incidents.
Over 5 years of experience in managing security incidents
Bachelor’s degree in Information Technology/Systems/Security or related field
Incident Response related SANS Certifications or other Security related certifications
Strong understanding of Problem Management and Crisis Management
Familiarity with ITIL Service Management methodology
What is the leadership like for this role? What is the structure and culture of the team like?
The Hiring Manager for this role is Karthik Yetukuri, Sr. Manager, Security Intelligence and Response Team (SIRT). He has experience working in trenches defending the organizations, in diverse Technical and Leadership roles. He has been with VMware for over 3 years now. He believes that leadership is not defined by title and encourages his team members to be leaders and live the values they all bring to the team. He looks for people who can think creatively to solve problems and do so while being collaborative and courteous. The Team consists of DFIR Specialists, Threat Intel Analysts and Threat Hunters. The teams work regular work hours with on-call rotation during the weekends (once every 8 weeks).
“This job requisition is not eligible for employment-based immigration sponsored by VMware.”
Category : Engineering and Technology
Subcategory: Information Security
Experience: Business Leadership
Full Time/ Part Time: Full Time
Posted Date: 2021-05-20
VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what’s possible today at http://careers.vmware.com.
Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. Vmware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.
- VMware Jobs