Current Positions

Practice Lead – Cyber Incident Response Services – Technology

Our client, a global technology firm with over $40B in revenues, is rapidly expanding its commercial cyber services practice within its Applied Intelligence organization in North America with an emphasis on delivery of high value cyber security services to the commercial market.

Our client’s employees are located across the Americas, Asia Pacific & Middle East, the UK, Europe and Africa. Our client focuses on protecting and enhancing clients’ critical operations and assets using intelligence-grade security and large-scale data exploitation and analytics. Our client’s customers include major financial institutions (Banking, Capital Markets and Insurance), Healthcare, Energy & Utilities, Communication Service Providers, and Transportation.

Our client’s expertise is renowned in four key areas:

  • Cyber Security – helping our clients across the complete cyber security risk lifecycle
  • Financial Crime – identifying, combating and preventing financial threats, risk, loss or penalties
  • Communications Intelligence – providing sophisticated network intelligence, protection and controls
  • Digital Transformation – creating competitive advantage and enhancing operating performance by exploiting data and digital connectivity

Position Description

Lead – Cyber Incident Response Services

Our client’s Systems Applied Intelligence is rapidly expanding its commercial cyber services practice in North America, with emphasis on delivery of high-value cyber security services to the commercial market. These services consist of cyber advisory services, cyber technical services and cyber incident response. Cyber Incident Response Services include emergency cyber incident response, forensic evidence collection, investigation, remediation, recovery and related services.

Are you a recognized and respected expert in cyber incident response services? Have you successfully led commercial client engagements for cyber incident response services?

Do you have the entrepreneurial drive to lead a capability area?

We are seeking an accomplished professional to lead the Cyber Incident Response Services business area for commercial clients. The ideal candidate will be an expert in cyber incident response services, with proven ability and desire to perform hands-on cyber incident response services work while leading an incident response services delivery team. In addition to Cyber Incident Response Services, the candidate should possess knowledge of and experience in adjacent areas, including cyber advisory services and cyber technical services.

Core Qualifications


  • Thorough knowledge of information security components, principles, practices, and procedures
  • Minimum 7 years in information security discipline with 4 years as a hands-on practitioner
  • Minimum most recent 3 years of demonstrated success leading and participating in commercial client cyber incident response services engagements
  • Proven ability and desire to perform hands-on services work while leading a services delivery team
  • Expert understanding and application of commercial standards and legislation, e.g. ISO 27000, NIST 800, EO 13636/NIST Framework, PCI-DSS and related
  • Extensive knowledge of best practices and effective approaches for enterprise security operations, methods and procedures
  • Degree in Information Security, IT Engineering, Mathematics or Computer Science
  • Relevant industry certifications in the given practice area


  • Experience with industrial control systems / SCADA / critical infrastructure
  • Master’s or advanced degree preferred

Core Role Responsibilities

  • Serve as the principal cyber incident response services consultant, supporting the sales process and leading services delivery engagements with clients
  • Demonstrate proven ability and desire to perform hands-on incident response services work while leading a services delivery team
  • Lead, manage, mentor and coach a team of cyber security professionals within their assigned sub-business unit and/or region
  • Design innovative, competitive services, methodologies, and deliverables for successfully competing in the marketplace
  • Prepare, write, and present proposals, reports and briefings, and oversee work generated by the other team members
  • Be self-motivated and motivate team members while keeping morale and performance high
  • Work to strict deadlines and prioritize work appropriately
  • Help the sales team retain and grow business in existing accounts involving the practice area
  • Represent the company’s Applied Intelligence at industry forums, expert panels and conferences

Cyber Incident Response Services – Specific Role Responsibilities and Requirements

  • Lead client-facing cyber incident response engagements; investigate network intrusions and cyber security breaches to determine cause and extent; provide response management
  • Respond to client requests, anticipate and meet client problems and needs using innovative approaches when applicable
  • Demonstrate excellent technical presentation skills, both written and verbal, with the ability to communicate the impact and importance of detailed technical information to a non-technical audience
  • Expert practitioner in conducting incident response, computer forensics, and traffic capture and analysis
  • Expert knowledge of common cybersecurity incident types and their handling, the characteristics of malware and the vulnerabilities it exploits, and standard remediation techniques and their applicability in different situations
  • Expert knowledge of operating system internals (Linux and Windows): kernel, hardware abstraction layer, APIs, memory management, security protections
  • Expert knowledge of the exploitation of network and computer security vulnerabilities such as memory corruption bugs, XSS, SQL injection
  • Expert knowledge of attack models, methods of attack, network protocols, file systems and file format specifications
  • Knowledge of additional systems such as Mobile, SCADA and Embedded Systems desired
  • Experience with dynamic/static reverse engineering of software via debugging and disassembly
  • Experience with tools such as: Mandiant Intelligent Response, McAfee Access Protection, McAfee HIPS, malware analysis tools, signature creation tools, ArcSight, Wireshark, Snort, EnCase, FTK, *dbg, IDA Pro

NOTE: Our client will pay excellent compensation for the right candidate for this position.