Senior Security Lead

Brand: Victoria's Secret
Location: Bangalore, Karnataka, IN

Job Areas: Information Technology
Job Type: Full-time
Job ID: 04DMK

Description

Purpose:

As a member of the Cyber Incident Response Team within the global Cyber Incident Response (CIRC), you will play a key role in investigating security incidents identified through infrastructure monitoring. This includes addressing potential hacking attempts, intrusions, malware infections, information mishandling, and other security threats that could negatively impact VS&Co. You will also provide support during major incidents and investigations, and take part in ad-hoc threat hunting, purple teaming, and tabletop activities.

  • Conduct investigations of security incidents, providing analysis and recommending corrective actions to address identified threats
  • Participate in ad-hoc threat hunting activities to proactively identify and neutralize potential security threats
  • Coordinate with internal teams to support a comprehensive security response.
  • Operate endpoint security, SIEM, and EDR solutions to detect, analyse, and respond to cyber threats
  • Serve as a focal technical lead and primary contact for complex incidents, providing hands-on investigation and support
  • Conduct sophisticated digital forensics and malware analysis to understand the scope and nature of threats
  • Facilitate, document, and manage the root cause analysis and post-incident review process, including tracking all action items and lessons learned through to implementation
  • Lead the full incident lifecycle, from detection and triage to containment, eradication, and recovery, ensuring the timely and effective resolution of threats
  • Facilitate root cause analysis and post-incident reviews, documenting lessons learned and tracking action items for implementation to prevent future incidents
  • Train, coach, and mentor junior incident responders, sharing knowledge and helping them develop the skills to handle complex situations independently
  • Identify opportunities to enhance the incident response program by improving detection fidelity, developing new tools, and updating incident response playbooks
  • Communicate effectively with management, stakeholders, and technical teams regarding Sev1 / Sev 2 incident progress and remediation efforts
  • Proactively hunt for adversaries and potential compromises within networks, even when no active incident is reported

 

Business Strategy

  • Possess deep functional knowledge & expertise to coach & guide associates to build process capability.
  • Identify & develop SME talent in collaboration with the TL/Managers.

 

Relationship Management

  • Work closely with the respective teams. Collaborate and build strong relationships with functional teams to ensure the required support for coaching, streamlining, and enhancement of processes.
  • Work with cross regional partners
  • Vendor management
  • Excellent collaboration skills and the ability to influence team members

Qualifications

Education & Skill

  • Experienced with responding to major cyber incidents in a primarily Windows environment; experience with a heavily mixed Linux/Windows environment is a plus
  • SANS GCIH certification preferred
  • Familiarity with cybersecurity frameworks such as NIST, MITRE ATT&CK, and ISO 27001
  • Has used forensic analysis to investigate potential breaches with supporting detail to determine attack vectors, the scope of the incident, and affected systems
  • Strong leadership, communication, and problem-solving skills.
  • Ability to work under pressure and manage multiple security priorities.

Work Experience:

  • Minimum 12-15 years of experience leading cyber incident response teams
  • Prior people / process / technology management experience
  • Knowledge of cloud technologies and cloud infrastructures such as Azure, GCP, AWS, O365
  • Experience with conducting log analysis across different components of a typical organisation estate (e.g. OS, network, cloud)
  • Experience in assessing, evaluating, and prioritizing security risk
  • Understanding of various security controls and how they are used to detect and mitigate risk
  • Prior experience in negotiating and managing security-related contracts with external providers.