Senior Manager, Global Incident Response (Remote)

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them save time and money.

We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com.

As the Global Incident Response Senior Manager in Experian's Global Security Office (EGSO)/Cyber Fusion Center (CFC), you will oversee the response, containment, escalation, analysis, and mitigation of cybersecurity incidents detected and escalated by the CFC in accordance with Experian's Global Information Security Incident Response Plan. You will manage a new, growing team of specialized, advanced responders to support escalations of complex and prioritized matters from Experian's existing 24x7 security monitoring and response functions responsible for analyzing security incidents involving threats targeting Experian information assets.

This is a technical manager position supporting the strategies of the Experian GSOC and the Chief Information Security Officer. You will report to the CFC Senior Director of Incident Management and Security Operations.

You'll have the opportunity to:

• Be responsible for the daily operations, management, mentorship, and development of the global Advanced Response team, which conducts advanced incident response activities to investigate and contain complex or larger-scale cybersecurity matters (such as major severity incidents).
• Develop and grow the Advanced Response team's processes, capabilities, and overarching strategy to contribute to an overall increase in incident response effectiveness at Experian.
• Work with end-users, information security stakeholders, technical support teams, and management while directly managing critical response workstreams such as those involving analysis and containment for prioritized/major security incidents.
• Develop and maintain relevant playbooks and operational processes, with established and repeatable processes for responding to incidents that align with industry best practices, minimize gaps in response, and mitigate threats.
• Orchestrate analytical workstreams across teams for matters escalated to it and hold responsibility for reporting/representing the CFC's overall understanding of the timeline of attacker activity so that appropriate containment and remediation actions can be coordinated.
• Ensure successful conclusion of cybersecurity incidents according to the processes and procedures within Experian's Incident Response Plan and associated playbooks. Escalate severe incidents according to Experian's Incident Response Plan.
• Support the development/upskilling of lower-level analysts in related CFC tiers through mentorship, training, and process development.

Your background:

• Bachelor's Degree in Computer Science, Computer Engineering, Information Systems, Information Security, or a related field. 8+ years of experience working within a Security Operations Center, Incident Response Team, law enforcement, and/or military experience may be accepted in lieu of this requirement.
• 5+ years of information security experience working in a Cyber Incident Response Team or Security Operations Center.
• 3+ years of leadership experience managing the day-to-day operations of a Cyber Incident Response Team.
• Demonstrated working knowledge of the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks.
• Demonstrated knowledge of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs).
• Maintain a strong understanding of common Operating Systems (Windows, Linux, Mac OS), Networking (Firewalls, Proxies, NetFlow, etc.), Cloud Infrastructure, and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls).
• Review and interpret device and application logs from a variety of sources (e.g., Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures) to identify root cause and determine next steps for containment, eradication, and recovery.
• Exhibit skills using common Incident Response and Security Monitoring applications such as SIEM (Splunk), EDR (FireEye HX, CrowdStrike Falcon, McAfee mVision EDR), WAF, IPS.
• Hold two or more professional certifications related to Digital Forensics or Incident Response (e.g., GCIH, CEH, GCFE, GCFA, CFCE). Information security management certifications (CISSP, CISM) are a plus.
• This role has a regular Monday – Friday schedule with candidate expected to participate in on-call schedule or work outside of normal work hours when required to manage, investigate, and respond to cybersecurity incidents.

Benefits/perks:

• Great compensation package and bonus plan.
• Core benefits including full medical, dental, vision, and matching 401K.
• Flexible work environment, ability to work remotely, hybrid, or in-office.
• Flexible time off, including volunteer time off, vacation, sick, and 12-paid holidays.

Our uniqueness is that we celebrate yours. Experian's culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI, work/life balance, development, authenticity, collaboration, wellness, reward & recognition, volunteering... the list goes on. Experian's people first approach is award-winning; World's Best Workplaces™ 2024 (Fortune Top 25), Great Place To Work™ in 24 countries, and Glassdoor Best Places to Work 2024 to name a few. Check out Experian Life on social or our Careers Site to understand why.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.