Cyber Incident Commander
Newark, CA
Full Time Senior-level / Expert USD 135K - 202K
Lucid Motors
Lucid is the future of sustainable mobility, designing electric cars that further reimagine the driving experience. We are currently seeking a Cyber Incident Commander to join our SOC team at our Newark, CA headquarters!
You Will:
- Lead incident response activities as per Lucid IRP (Incident Response Plan) including scoping, communication, reporting, and long-term remediation planning.
- Define the incident management team's objectives and ensure cross department collaboration to fix incidents in a time-boxed fashion.
- Manage the incident response teams by delegating responsibilities and ensure systematic functioning under pressure.
- Structure, manage, and deliver briefings to the CISO, Legal, upper management, and other stakeholders.
- Plan and control communications when managing a major cyber incident. Set up communication channels, inviting the appropriate people into those channels during an incident, and train team members on best practices for not only incident management, but also communication during an incident.
- Understand the types and contents of incident reports, both during an incident and after closure.
- Coordinate investigation, containment, and other response activities with business stakeholders and groups
- Ensure detailed incident report documentation and ticketing, aligned to the IRP as required.
- Provide mentoring of junior staff and serve as point of escalation for higher severity incidents.
- Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.
- Research, develop, and enhance content within SIEM, EDR, UEBA and other tools.
- Provide technical leadership and conduct incident response engagements.
- Enhance and maintain organization-wide cybersecurity monitoring capabilities, including logging, reviewing, and responding to alerts/issues.
- Perform hands-on, sophisticated digital forensic, host-based or network analysis during an investigation.
- Oversee SIEM operations to facilitate configuration of proper alerts, notifications, and dashboards.
- Manage the development and continuous improvement of security monitoring playbooks.
- Oversee the collection of intelligence feeds from relevant sources (e.g., commercial and open-source feeds) and direct their integration with security monitoring and security information and event management (SIEM) systems.
- Manage, review, and disseminate threat intelligence reports as requested.
- Ensure appropriate identification and communication of vulnerabilities to applicable stakeholders.
- Coordinate with relevant teams (e.g., Legal) to drive compliance with applicable regulatory requirements for security incidents.
You Bring:
- 5-7 years of experience leading information security incident response and coordinating incident response for critical cyber events.
- 5-7 years of experience communicating risk and impact due to a cyber security incident and periodic updates to the CISO, Legal Counsel and upper management.
- 5-7 years of experience working in a Cyber Security Operations Center (in-house or outsourced) or a cyber incident response team in a leadership role leading incident response as per the incident response plan (IRP).
- 5-7 years of leading incident investigations and performing the role of incident commander / coordinator.
- 5-7 years of collaborating with IT and Engineering stakeholders to drive incident response and remediation.
- 5-7 years of performing root cause analysis of recurring incidents and implementing lessons learned during an incident to help improve Lucid’s security maturity.
- 5-7 years of driving incident response and incident handling processes.
- 5-7 years of working with security tools such as SIEM, Analytics & Intelligence, Firewall/IDS/IPS, Intrusion Detection, Malware detection, Data Loss Protection, and Identity & Access Management.
- Ability to stay up to date on current cyber threat landscape, cyber threat trends, threat actors/groups, and exploit campaigns.
- Maintain incident management program documentation, including incident response runbooks.
Nice to Have:
- Experience working with a major cloud-based or on-prem SIEM product (Splunk, ArcSight, QRadar, Sentinel, Securonix, LogRhythm, etc.)
- Automobile and/or manufacturing industry experience is a plus
- Leadership skills—the ability to take command in a high-stress situation.
By Submitting your application, you understand and agree that your personal data will be processed in accordance with our Candidate Privacy Notice. If you are a California resident, please refer to our California Candidate Privacy Notice.
To all recruitment agencies: Lucid Motors does not accept agency resumes. Please do not forward resumes to our careers alias or other Lucid Motors employees. Lucid Motors is not responsible for any fees related to unsolicited resumes.
Tags: Analytics ArcSight CISO Cloud Compliance EDR Exploit Firewalls IDS Incident response Intrusion detection IPS LogRhythm Malware Monitoring Privacy QRadar Sentinel SIEM SOC Splunk Threat intelligence Vulnerabilities
Perks/benefits: 401(k) matching Career development Competitive pay Equity / stock options Health care Insurance Team events