IR Coordinator

Company Summary Established in 2006, CyberClan’s carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber attacks with proven defensive methodology. Our goal is to get businesses fully operational as quickly as possible and to further prevent any downtown or impact to the business operations. CyberClan investigates and assists clients with all types of security breaches, insider threat, unauthorized access, malicious code. CyberClan is a cybersecurity company that provides services to the insurance and legal markets as well as commercial companies. The former two sectors largely refer clients to us and we provide Incident Response services. When a client suffers a network breach due to nefarious activities of an unauthorised third-party, we act quickly to contain, monitor and remediate their networks and bring peace of mind to our clients. Summary/Objective The Incident Response Coordinator focuses on orchestrating a proactive and efficient response to security incidents, safeguarding the organization's assets, reputation, and operations to minimize impact and restore normal operations swiftly. The candidate will be responsible for being the lead point of contact and manager throughout until project completion. You will liaise with key internal and external stakeholders throughout the project lifecycle, which will include the client, legal counsel, the insurance company and applicable third-party suppliers. Key Responsibilities: • Incident Response Planning: o Develop and maintain incident response plans and procedures. o Regularly review and update response strategies based on evolving threats and vulnerabilities. • Incident Triage Management: o Overseeing the proper collection, documentation, and preservation of evidence during the incident response process. o Developing and updating incident response plans, ensuring they align with organizational needs and industry best practices. • Response Coordination: o Documenting communication among response team members, stakeholders, and external entities. This includes logging meetings, emails, and other relevant communications to maintain a record of decisions and actions taken. o Collaborating with internal stakeholders, such as IT, legal, communications, and external entities, to manage and mitigate incidents ef fectively. • Incident Containment and Mitigation: o Implement containment strategies to prevent the spread of security incidents. o Work closely with technical teams to facilitate the timely isolation of af fected systems and mitigate threats. • Reporting and Documentation: o Ensuring accurate and timely documentation of all incidents, including details like incident timelines, initial assessments, actions taken, and resolutions. This documentation helps in post-incident analysis and reporting as well. • Budget Planning and Reporting: o While not directly handling billing, they may provide information related to incident response costs for documentation and reporting purposes. This information can be crucial for f inancial reporting or insurance claims. o Coordinating with external vendors or service providers for incident response services might involve overseeing contracts or agreements, ensuring services align with budgets and billing terms. • Continuous Improvement: o Regularly reviewing and updating documentation based on changes in technology, regulations. o Conduct post-incident reviews to identify areas for improvement in incident response procedures. Requirements: • Bachelor's degree in computer science, Information Technology, or related f ield (or equivalent experience). • This position requires rotating on-call availability and responsiveness outside of standard working hours to continuous coverage for incident management. • Proficiency in project management methodologies, tools, and techniques. This includes creating project plans, resource allocation, risk management, scheduling, budgeting, and stakeholder management. • Proven experience in network administration, and cybersecurity preferred. • Relevant certifications (e.g., A+, Network+, CISSP, CISM, GIAC) are highly favourable. Additional Skills: • PMP, PRINCE2, or Agile/Scrum certifications desired. • Capacity to work under pressure, manage stress during critical incidents, and adapt to rapidly changing situations in a high-paced environment. • Excellent communication skills to effectively interact with team members, stakeholders, clients, and executives. This includes written, verbal, and presentation skills. Benefits of Working at CyberClan: We are committed to building an inclusive culture of belonging that not only embraces the diversity of our people but also reflects the diversity of the communities in which we work and the customers we serve. We know that the happiest and highest performing teams include people with diverse perspectives and ways of solving problems, so we strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work. CyberClan is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. We offer fully paid benefits, wellness leave programs & Birthday Leave!