Previous Job
Incident Response Associate
Ref No.: 18-01735
Location: San Jose, California
At eXcell, we set you up for job success right from the start. Our precision recruiting process aligns the right fit for the right people.
The Cybersecurity Incident Management team is responsible for documenting, communicating, and tracking all cybersecurity incidents. The Incident Response Management Associate will own the cybersecurity incident management program, which incorporates goals and objectives based on corporate guidelines, regulations, and enterprise-level guidance to ensure all measurable aspects of the cybersecurity incident management process correspond to the operational priorities of the organization. The associate in this role will define, monitor, and measure the accomplishment of goals and objectives by quantifying the implementation, efficiency, and effectiveness of cybersecurity incident management process, and identifying ways to enhance and automate various processes, as well as ensure tight integration and resiliency of all operations. The associate in this role will be responsible for day-to-day oversight and management of the outsourced managed service provider delivering Cybersecurity Incident Response team services.

General Responsibilities:
  • Execute day-to-day cybersecurity incident management operations
  • Use technology infrastructure and operational processes to enable a more effective incident response process
  • Develop and distribute executive level summaries of cybersecurity incidents which impact assets
  • Communicate deep technical cybersecurity threat & incident response operations information across the Cybersecurity division, to include the CISO, CIO, and General Counsel
  • Verify all CSOC and IR work is properly documented in the Cybersecurity Incident Management system of record
  • Engage with associates across the enterprise as necessary
  • Benchmark "as-is” Cybersecurity Incident Management processes and technology against industry
  • Identify and track Incident Management performance measures to provide relevant performance trends over time
  • Analyze Incident Management performance by observing trends, identifying, and prioritizing corrective actions, and directing the those corrective actions to increase accountability, improve process effectiveness, demonstrate compliance, and provide quantifiable inputs for resource allocation decisions
  • Define quantifiable Key Performance Indicators (KPIs) to measure efficiency and success of Incident Response team activities
  • Automate the production of interval based reports which provide KPI metrics
  • Coordinate with various teams in clarifying security risks, and roles and responsibilities related to ongoing Incident Response cases
  • Provide support to operational & cybersecurity strategy development
  • Maintain updated knowledge of best practices in Cybersecurity Operations and Incident Response processes to identify and recommend new technologies and/or processes with the potential to enhance operations
  • Develop, follow, and maintain “playbooks” which provide a visual depiction of various operational Incident Management workflows
  • Identify and enhance processes where automation has the potential to improve efficiency
  • Very strong communication skills with the ability to manage responsibilities across multiple areas and projects
  • Ability to manage multiple simultaneous responsibilities
  • Excellent problem solving and conceptual thinking abilities, especially with technical troubleshooting
Basic Qualifications:
  • Bachelor's Degree in fields such as Computer Science, Information Systems, and Engineering, or equivalent military experience related to technology or cybersecurity
  • 15+ years of overall technical experience in the technology infrastructure or network field
  • 5+ years of technical experience in a Security Operations Center or supporting an Incident Response Team
  • 5+ years of experience with cyber threat analysis and mitigations

We will consider for employment all qualified applicants, including those with criminal histories, arrest, and conviction records in a manner consistent with the requirements of applicable state and local laws. This includes the City of Los Angeles Fair Chance Initiative for Hiring Ordinance as well as the San Francisco Fair Chance Ordinance.

W2 only, no Corp to Corp. We are unable to sponsor H1B visas at this time. **eXcell™ Supports Equal Employment Opportunity** eXcell™, a division of CompuCom® Systems, Inc., a global company headquartered in Bellevue, Washington, provides IT staffing services and solutions to Fortune 1000 companies as well as small and medium business. For more information, visit