
Response Operations Lead
Posted 22 hours ago

This is a fully remote position, open to applicants in the United Kingdom.
• Oversee daily shift operations, ensuring consistent performance, prioritization, escalations, and compliance with company standards.
• Track KPIs and shift metrics, pinpointing areas for enhancement to discuss with Management.
• Conduct shift handovers to ensure smooth transitions between shifts.
• Serve as the primary contact for escalations, prioritizing critical items and providing Management with insights on significant events that occurred during the shift.
• Manage and prioritize ticket queues, focusing on prioritization, potential impact, and escalations.
• Lead the review of tuning requests relevant to their shift.
• Assist in incident response as an active member of the response team, addressing escalated tickets related to identified security threats.
• Execute root cause and forensic log analysis for security incidents to assess enterprise risk, impact, and necessary remediations across various technology platforms (Cloud, Hosts, Networks, Applications, Email).
• Evaluate threat data from multiple sources, identifying security incidents and significant events for direct escalation to Incident Commander(s).
• Identify, articulate, and explain attack vectors, threat tactics, and attacker techniques to both technical and non-technical stakeholders, including senior leadership.
• Take appropriate containment response actions across multiple platforms or, in certain cases, hand off to partner teams.
• Act as Incident Handler for security incidents, driving containment and remediation action items across various platforms, environments, and technologies.
• Collaborate with internal teams, external partners, and vendors to resolve active Cyber Incidents.
• Provide detailed timeline analysis to present evidence-based conclusions on entry vectors, lateral movement, and campaign correlations.
• Maintain comprehensive notes on all analysis activities, documented in the case management tool to ensure process adherence.
• Contribute to the strategic development and updating of new and existing response process documentation.
• Provide On-Call support for escalated events for one week on a rotational basis with other Incident Responders.
• Bachelor’s or Master’s Degree in an IT-related field and/or equivalent work experience.
• At least 5 years of experience in Cyber Defense with a background in Incident Response, Security Operations Center (SOC), detection engineering, or similar roles.
• Prior experience in supporting or managing incident response functions.
• Familiarity with industry-standard security toolsets within a layered defense model.
• Working knowledge of fundamental Enterprise IT concepts (web application architectures, networking, etc.).
• Experience with host-based and network-based forensics tools and analysis.
• Understanding of the cyber threat landscape, encompassing various adversaries, campaigns, and their driving motivations.
• Knowledge of widely recognized security and analysis frameworks (MITRE ATT&CK, Kill Chain, Diamond Model, NIST Incident Response, etc.).
• Outstanding written and verbal communication skills.
• Must be self-driven and capable of working both independently and collaboratively.
• Excellent communication (both verbal and written) and client engagement skills, with experience presenting to corporate executives and professionals.
• Availability to be on call and provide support during non-traditional working hours.
• NBCUniversal is dedicated to enhancing the communities where our employees, customers, and audiences reside and work.
• Opportunity to engage in community service.
• Foster an inclusive culture and aim to attract and develop a skilled workforce.