Job Description

Job Summary: Cyber security is a top priority for AkzoNobel. Our objective is to protect our information and digital assets (IT and OT) by reducing our cyber risk exposure in order to pursue our business objectives. Security Operations, under responsibility of the Security Operations Manager, covers all the operational aspects of cyber security within Second Line of Defense including the three core cyber security processes: Vulnerability Management, Threat Monitoring and Intelligence, and Cyber Security Incident Response and all operational aspects of security in the Second Line of defense. The Lead Security Incident Response, reports to the SOC Manager and will be responsible for managing and coordinating the security incident response activities of the organization. This includes developing and maintaining incident response plans and procedures, leading incident response team activities, and ensuring that incidents are properly identified, assessed, and resolved in a timely manner. The Lead Cyber Security Incident response is a Senior SOC Analyst which coordinates the activities of other SOC Analysts (see job description) in her/his area of responsibility. In the mid-term with the growth of Security and its staff this role will become a team manager with some direct reports. The Lead Security Incident Response will also act as a liaison between different teams within the organization, external partners, third-party security monitoring services, and security project teams to ensure effective communication and collaboration during incident response activities and security projects. Key Responsibilities: In collaboration with the SOC Manager, design and deploy and manage the global Incident Response Process covering the entire organization. Develop and maintain incident response plans and procedures that align with industry best practices and regulatory requirements. Lead incident response team activities, including coordinating response activities and providing guidance to team members. Ensure that incidents are properly identified, assessed, and resolved in a timely manner, while minimizing the impact on business operations. Define, maintain and report KRIs (Key Risk Indicators) and KPIs (Key Performance Indicators) for the processes under her/his responsibility. Act as a liaison between different teams within the organization, external partners, third-party security monitoring services, and security project teams to ensure effective communication and collaboration during incident response activities and security projects. Coordinate with security project teams to ensure that security requirements are properly integrated into project plans, and that security risks are identified and mitigated throughout the project lifecycle. Ensure that security incidents and events are properly reported and tracked in project management systems, and that security teams are kept informed of project progress and status. Coordinate with third-party security monitoring services (CyberSOC) to ensure that security events and alerts are properly identified, assessed, and escalated to the incident response team. Ensure that third-party security monitoring services are providing effective monitoring and analysis of security events and alerts, and that any issues or concerns are addressed in a timely manner. Conduct post-incident reviews and assessments to identify areas for improvement and develop recommendations for enhancing the incident response process. Stay up-to-date with the latest security threats, vulnerabilities, and attack methods, and provide guidance and training to the incident response team, third-party security monitoring services, security project teams, and other stakeholders as needed. Participate in security incident response drills and exercises to test and improve incident response plans and procedures. Develop and maintain relationships with industry peers and external partners to share information and best practices related to incident response and security projects. Qualifications: Bachelor\'s degree in Computer Science, Information Security, or a related field. At least 7-10 years of experience in incident response, cybersecurity, or a related field. Strong knowledge of incident response principles and best practices, as well as industry regulations and standards such as ISO 27001, NIST CSF , IEC 62433, CIS, and GDPR. Experience and knowledge with Adversaries TTP (Tactics, Technics and Procedures) framework like Mitre ATT&CK Experience leading incident response and coordinating response activities across different departments, external partners, third-party security monitoring services, and security project teams. Excellent communication and interpersonal skills, with the ability to build relationships and effectively communicate with stakeholders at all levels of the organization. Strong analytical and problem-solving skills, with the ability to identify and assess security incidents quickly and accurately. Relevant industry certifications such as CISSP, CEH, CISM, or GIAC are preferred. At AkzoNobel we are highly committed to ensuring an inclusive and respectful workplace where all employees can be their best self. We strive to embrace diversity in a context of tolerance. Our talent acquisition process plays an integral part in this journey, as setting the foundations for a diverse environment. For this reason we train and educate on the implications of our Unconscious Bias in order for our TA and hiring managers to be mindful of them and take corrective actions when applicable. In our organization, all qualified applicants receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age or disability.

foundit