Detection and Response Manager

🕒 vor 8 Tagen

🇺🇸 Vereinigte Staaten – Remote

💵 $100.100 - $223.080 / Jahr

⏰ Vollzeit

🟡 Mittelstufe

🟠 Senior

👔 Manager

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

PNC

WebsiteLinkedInAlle Stellen

10.000+ Mitarbeiter

Gegründet 1845

💸 Finanzen

🏦 Bankwesen

👥 HR Tech

Finance • Banking • HR Tech

PNC ist ein diversifiziertes Finanzdienstleistungsunternehmen, das sich der Förderung eines inklusiven und barrierefreien Arbeitsplatzes verschrieben hat. Es bietet eine dynamische Unternehmenskultur, in der Mitarbeiter florieren können und erkennt die Bedeutung von Vielfalt und gesellschaftlichem Engagement an. PNC ist bestrebt, ein unterstützendes Umfeld für berufliches Wachstum zu bieten und offeriert diverse Möglichkeiten für Studenten, Absolventen und Veteranen. Auf nationaler Ebene wurde das Unternehmen für sein Engagement für Geschlechter- und Behindertengleichheit sowie als Top-Arbeitgeber anerkannt. PNC bietet allen qualifizierten Personen Chancengleichheit und gewährleistet die Einhaltung der Arbeitsgesetze.

Beschreibung

• Lead day‑to‑day Detection and Response activities, ensuring timely detection, triage, investigation, and response to security events. • Ensure 24/7 incident response readiness by maintaining and managing the on‑call rotation, including scheduling, escalation paths, and service‑level expectations. • Serve as the owner for incident response execution, including initial containment, escalation, incident declaration, and forensic coordination. • Act as the primary technical lead and liaison during high‑severity incidents, collaborating with Infrastructure, Engineering, Legal, and Executive leadership. • Oversee the development, tuning, and continuous improvement of SIEM detections, alerting logic, and correlation rules. • Drive integration of internal and external Threat Intelligence to enhance visibility and detection capabilities. • Produce operational metrics and performance reporting focused on detection coverage, MTTD/MTTR, case handling quality, and tooling efficacy. • Evaluate and implement new technologies, integrations, and automation opportunities to reduce manual workload and enhance response capabilities. • Own and maintain incident response playbooks, SOPs, escalation paths, and response frameworks. • Ensure regulatory, contractual, and internal stakeholder notifications are initiated and documented when required. • Manage post-incident activities, including after-action reviews, corrective actions, and measurable improvements. • Lead readiness activities such as tabletop exercises, red/blue/purple team scenarios, and simulation‑based training. • Ensure incident response posture aligns with organizational risk appetite, audit requirements, and industry best practices. • Direct and mentor analysts in investigations, incident handling, and operational processes. • Execute staffing decisions, performance evaluations, onboarding, and the professional development pipeline for analysts. • Identify operational gaps and recommend technical or process improvements to mature the detection and response program. • Champion a culture of continuous improvement, documentation discipline, and analytical excellence.

🎯 Anforderungen

• Bachelor's degree in Computer Science, Information Security, Engineering, or a related field (or equivalent experience). • CCSP, CISSP, GCIA, GCIH, GCFA, CySA+ or equivalent certifications. • 5+ years of experience leading security operations, incident response, digital forensics, or security engineering. • Demonstrated ability to lead incident response activities from detection through containment, eradication, recovery, and post incident review. • Experience performing root cause analysis, log analysis, and threat investigation. • Exposure to compliance frameworks such as PCI DSS, SOC 2, HIPAA, and FedRAMP. • Strong understanding of cybersecurity fundamentals, including networking, operating systems, endpoint security, cloud security, and identity access management. • Hands-on experience with SIEM platforms (e.g., Elastic, Splunk), EDR tools, IDP/IPS, and other monitoring technologies. • Expertise with incident handling methodologies and frameworks such as NIST 800 61, ISO 27035, and MITRE ATT&CK. • Proficiency in incident management tools and ticketing systems (e.g., Jira, ServiceNow). • Excellent ability to translate technical details into clear, actionable communication for both technical and non-technical stakeholders. • Strong communication and interpersonal skills with the ability to manage stressful situations. • Strong organizational skills with the ability to prioritize and manage multiple concurrent incidents and tasks. • Excellent problem-solving, analytical, and decision-making skills.

🏖️ Vorteile

• medical/prescription drug coverage (with a Health Savings Account feature) • dental and vision options • employee and spouse/child life insurance • short and long-term disability protection • 401(k) with PNC match • pension and stock purchase plans • dependent care reimbursement account • back-up child/elder care • adoption, surrogacy, and doula reimbursement • educational assistance, including select programs fully paid • a robust wellness program with financial incentives • maternity and/or parental leave • up to 11 paid holidays each year • 9 occasional absence days each year, unless otherwise required by law • between 15 to 25 vacation days each year, depending on career level; and years of service