Celestica

Information Security Manager (Incident Response)

Hybrid

Toronto, Canada

Full Time

09-09-2025

Skills

Communication, Leadership, Python, Ruby, Bash, Incident Response, Cloud Security, Forensics, Change Management, Problem-solving, Architecture, Risk Mitigation, Compliance Management, Operating Systems, Windows, Organization, Azure, AWS, Project Management, GCP

Job Specifications

Information Security Manager (Incident Response)

The Cybersecurity Manager, specializing in Incident Response and Forensics, leverages knowledge of advanced cyber threats, attacker methodologies, and security technologies to proactively identify and neutralize complex threats within the enterprise environment. This specialist remains informed about emerging technologies and recommends strategic directions. A strong understanding of security best practices, excellent analytical and problem-solving skills, and the ability to work both independently and collaboratively within a team are essential for this role. The Senior Cybersecurity Specialist plays a crucial part in protecting our organization's digital assets and ensuring a robust security posture.

Detailed Description

Performs tasks such as, but not limited to, the following:

Performs strategic assessments to understand the current capabilities and future security needs of the enterprise. Recognizes and evaluates business security risks while defining appropriate risk-mitigating controls and technologies.
Takes a primary role in investigating and responding to complex security incidents identified through threat-hunting activities, including containment, eradication, and recovery efforts.
Presents incident details and findings to senior management.
Based on insights from threat hunting, recommends and drives the implementation of new or enhanced security controls and technologies to mitigate identified vulnerabilities and improve the organization's defense capabilities.
Provides technical leadership, guidance, and mentorship to junior threat hunters, fostering their professional development and enhancing the team's overall capabilities.
Defines the scope, objectives, and methodologies for threat-hunting engagements based on threat intelligence, business risk, and asset criticality. Oversees the planning, execution, and reporting of threat-hunting activities to ensure the efficient and effective identification of potential threats.
Identifies new and alternative approaches for implementing and managing security activities. Provides security consultation and implements appropriate controls to minimize the risk of potential revenue loss, missed business opportunities, or competitive disadvantages resulting from malicious attacks, accidental data corruption, or unauthorized access to sensitive company or customer information assets.
Maintains relationships with and consults industry-leading Information Security Associations, companies, and forums to stay updated on the latest technology and process advancements through education. Manages security trends and evaluates their effects on the CLS architecture and the security protection landscape.
Provides tier-three subject matter expert (SME) escalation support to the Service Desk for information security issues. This includes maintaining historical information, making adjustments, compiling statistics to enhance performance, and developing performance metrics.
Ensures that projects are selected based on key criteria and is diligent in selecting the most valuable projects within resource and budget constraints. Has the capability to request funding for larger projects, document the program, and present improvements to senior management for approval.
Prepares clear and concise reports and presentations for both technical and non-technical audiences, including senior management, that summarize threat-hunting activities, findings, and actionable recommendations.
Offers strategic input for the development and maintenance of the organization's security roadmap, informed by insights gained from threat-hunting activities and the evolving threat landscape.

Knowledge/Skills/Competencies

Knowledge of operating systems (Windows, Unix, macOS), endpoint detection and response (EDR) solutions, antivirus software, and how threats manifest on endpoints is essential. This includes understanding system logs, processes, and file system activities.
Proficiency in using SIEM tools (e.g., Sumologic, Microsoft Sentinel) to aggregate, correlate, and analyze security logs and events from various sources is vital for identifying suspicious patterns and anomalies across the environment.
Sound scripting knowledge (e.g., Python, Bash, Ruby)
Strong understanding of cloud security concepts and platforms (AWS, Azure, GCP)
Experience in risk and compliance management and process development in the areas of information technology and security
Advanced knowledge of risk mitigation and business controls
Excellent communication and business writing skills, as well as the ability to develop executive-level presentations/strategies that include process diagrams and designs
Excellent problem resolution and creative problem-solving skills
Excellent project management skills and strong knowledge of change management processes
Strong customer management skills; ability to clearly articulate the role that IT can play in enhancing customers' activi

About the Company

Celestica enables the world's best brands. Through our unrivaled customer-centric approach, we partner with leading companies in aerospace and defense, communications, enterprise, healthtech, industrial, capital equipment, and smart energy to deliver solutions for their most complex challenges. A leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development - from the drawing board to full-scale production and after-market se...