
Response Operations Lead
Posted 19 hours ago

• Oversee daily shift operations, ensuring consistent performance, prioritization, escalations, and compliance with company standards.
• Track KPIs and shift metrics, pinpointing areas for enhancement to address with Management.
• Conduct shift transitions for smooth handovers between shifts.
• Serve as the main point of contact for escalations, prioritizing critical issues and providing Management with insights on noteworthy events during the shift.
• Manage and triage ticket queues, focusing on prioritization, potential impacts, and escalations.
• Lead the review of tuning requests for the assigned shift.
• Assist in incident response as an active member of the response team, handling escalated tickets related to identified security threats.
• Execute root cause and forensic log analysis for security incidents to assess enterprise risk, impact, and necessary remediations across various technology platforms (Cloud, Hosts, Networks, Applications, Email).
• Analyze threat data from diverse sources to identify significant security incidents and events for direct escalation to Incident Commander(s).
• Recognize, articulate, and explain attack vectors, threat tactics, and attacker techniques to both technical and non-technical stakeholders, including senior leadership.
• Implement appropriate containment response measures across multiple platforms, or facilitate handoffs to partner teams when necessary.
• Act as an Incident Handler for security incidents, driving containment and remediation actions across various platforms, environments, and technologies.
• Collaborate with internal teams, external partners, and vendors to address active Cyber Incidents.
• Provide comprehensive timeline analysis to present evidence-based conclusions regarding entry vectors, lateral movement, and campaign correlation.
• Maintain detailed documentation of all analysis activities in the case management tool to ensure process adherence.
• Contribute to the strategic development and updating of both new and existing response process documentation.
• Offer On-Call support for escalated events for one week in rotation with other Incident Responders.
• Bachelor’s or Master’s Degree in an IT-related field and/or equivalent professional experience.
• At least 5 years of experience in Cyber Defense, particularly in Incident Response, Security Operations Center (SOC), detection engineering, or similar roles.
• Prior experience in supporting or leading incident response functions.
• Familiarity with industry-standard security toolsets within a layered defense framework.
• Working knowledge of fundamental Enterprise IT concepts (web application architectures, networking, etc.).
• Experience with host-based and network-based forensic tools and analysis.
• Understanding of the cyber threat landscape, including various types of adversaries, campaigns, and their underlying motivations.
• Knowledge of industry-recognized security and analysis frameworks (MITRE ATT&CK, Kill Chain, Diamond Model, NIST Incident Response, etc.).
• Outstanding written and verbal communication abilities.
• Self-motivated with the capacity to work independently as well as collaboratively within a team.
• Strong communication skills (both verbal and written) and client engagement skills, with experience presenting to corporate executives and professionals.
• Availability to be on call and provide support during non-traditional working hours.
• NBCUniversal is dedicated to enhancing the communities where our employees, customers, and audiences reside and work.
• Opportunities to contribute to community service initiatives.
• Promote an inclusive culture and aim to attract and nurture a talented workforce.