Detection and Response Manager

🕒 3 dias atrás

🇺🇸 Estados Unidos – Remoto (EUA)

💵 $100.100 - $223.080 / ano

⏰ Tempo Integral

🟡 Pleno

🟠 Sênior

👔 Gerente

🦅 Patrocina Visto H1B

Esta empresa já patrocinou vistos H1B no passado.

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

PNC

SiteLinkedInTodas as Vagas

10.000+ funcionários

Fundada em 1845

💸 Finanças

🏦 Bancário

👥 RH Tech

Finance • Banking • HR Tech

O PNC é uma empresa de serviços financeiros diversificados que está comprometida em promover um ambiente de trabalho inclusivo e acessível. Oferece uma cultura vibrante onde os funcionários podem prosperar, reconhecendo a importância da diversidade e do envolvimento com a comunidade. O PNC está dedicado a proporcionar um ambiente de apoio ao crescimento profissional e oferece várias oportunidades para estudantes, formados e veteranos. A empresa foi reconhecida nacionalmente por seu compromisso com a igualdade de gênero e deficiência e por ser um dos principais empregadores. O PNC oferece oportunidades iguais a todos os indivíduos qualificados e garante o cumprimento das leis trabalhistas.

Descrição

• Lead day‑to‑day Detection and Response activities, ensuring timely detection, triage, investigation, and response to security events. • Ensure 24/7 incident response readiness by maintaining and managing the on‑call rotation, including scheduling, escalation paths, and service‑level expectations. • Serve as the owner for incident response execution, including initial containment, escalation, incident declaration, and forensic coordination. • Act as the primary technical lead and liaison during high‑severity incidents, collaborating with Infrastructure, Engineering, Legal, and Executive leadership. • Oversee the development, tuning, and continuous improvement of SIEM detections, alerting logic, and correlation rules. • Drive integration of internal and external Threat Intelligence to enhance visibility and detection capabilities. • Produce operational metrics and performance reporting focused on detection coverage, MTTD/MTTR, case handling quality, and tooling efficacy. • Evaluate and implement new technologies, integrations, and automation opportunities to reduce manual workload and enhance response capabilities. • Own and maintain incident response playbooks, SOPs, escalation paths, and response frameworks. • Ensure regulatory, contractual, and internal stakeholder notifications are initiated and documented when required. • Manage post-incident activities, including after-action reviews, corrective actions, and measurable improvements. • Lead readiness activities such as tabletop exercises, red/blue/purple team scenarios, and simulation‑based training. • Ensure incident response posture aligns with organizational risk appetite, audit requirements, and industry best practices. • Direct and mentor analysts in investigations, incident handling, and operational processes. • Execute staffing decisions, performance evaluations, onboarding, and the professional development pipeline for analysts. • Identify operational gaps and recommend technical or process improvements to mature the detection and response program. • Champion a culture of continuous improvement, documentation discipline, and analytical excellence.

🎯 Requisitos

• Bachelor's degree in Computer Science, Information Security, Engineering, or a related field (or equivalent experience). • CCSP, CISSP, GCIA, GCIH, GCFA, CySA+ or equivalent certifications. • 5+ years of experience leading security operations, incident response, digital forensics, or security engineering. • Demonstrated ability to lead incident response activities from detection through containment, eradication, recovery, and post incident review. • Experience performing root cause analysis, log analysis, and threat investigation. • Exposure to compliance frameworks such as PCI DSS, SOC 2, HIPAA, and FedRAMP. • Strong understanding of cybersecurity fundamentals, including networking, operating systems, endpoint security, cloud security, and identity access management. • Hands-on experience with SIEM platforms (e.g., Elastic, Splunk), EDR tools, IDP/IPS, and other monitoring technologies. • Expertise with incident handling methodologies and frameworks such as NIST 800 61, ISO 27035, and MITRE ATT&CK. • Proficiency in incident management tools and ticketing systems (e.g., Jira, ServiceNow). • Excellent ability to translate technical details into clear, actionable communication for both technical and non-technical stakeholders. • Strong communication and interpersonal skills with the ability to manage stressful situations. • Strong organizational skills with the ability to prioritize and manage multiple concurrent incidents and tasks. • Excellent problem-solving, analytical, and decision-making skills.

🏖️ Benefícios

• medical/prescription drug coverage (with a Health Savings Account feature) • dental and vision options • employee and spouse/child life insurance • short and long-term disability protection • 401(k) with PNC match • pension and stock purchase plans • dependent care reimbursement account • back-up child/elder care • adoption, surrogacy, and doula reimbursement • educational assistance, including select programs fully paid • a robust wellness program with financial incentives • maternity and/or parental leave • up to 11 paid holidays each year • 9 occasional absence days each year, unless otherwise required by law • between 15 to 25 vacation days each year, depending on career level; and years of service