Intellibee - Charlotte, NC
posted 3 months ago
The Cyber Security Incident Response Lead position at Intellibee is a critical role within the Information Protection and Risk Management (IPRM) team. This position is responsible for developing and implementing a comprehensive approach to managing security risks at Ally. The candidate will collaborate closely with subject matter experts from various teams within IPRM to effectively manage responses to cyber security threats and incidents. This role requires a strong understanding of security policies and best practices, as well as the ability to lead investigations into information security events and incidents. In this position, the Cyber Security Incident Response Lead will be tasked with driving efforts towards the containment of threats and the remediation of the environment during or after an incident. The individual will maintain and improve Ally's CyberSecurity Incident Response plan, ensuring that it is up-to-date and effective in addressing potential security risks. Additionally, the lead will have audit management responsibilities, ensuring that identified gaps are addressed promptly to reduce risk. The role also involves contributing to the development and prioritization of use cases, as well as process improvements through the development of new detections and changes in response processes. The Cyber Security Incident Response Lead will perform complex security investigations and root cause analyses, participate in a rotating on-call schedule for after-hours information security events, and conduct post-incident reviews and after-action reports. The individual will coordinate with technical teams and third-party vendors to resolve incidents efficiently and ensure that all incidents are recorded and tracked to meet audit and legal requirements. This position also serves as an escalation point for the PCI environment, providing guidance for monitoring and response.