Incident Commander - 1380028

November 28, 2022 - Fulton MD or Remote

What You’ll Do

The Cisco Talos Incident Commander will work within established methodologies to perform a variety of Incident Response related activities for Cisco customers, including emergency response to cyber incidents. From time to time, the role will also include proactively hunting for adversaries in customer networks, designing and performing Tabletop Exercises, and performing IR Readiness Assessments.

Some other responsibilities include:

  • Leading and working on projects that will support tactical and strategic business objectives.
  • Demonstration of leadership abilities, clear and concise communication with a variety of stakeholders, and the ability to lead during a crisis.
  • Agility to adapt to changing environments, and a strong comprehension of malware, emerging threats and calculating risk will be critical to success.
  • Respond to global cyber incidents caused by internal and external threats to our customers, which may involve nontraditional working hours.
  • Demonstrate capability to map technical findings to business impacts and communicate those in a manner which is understandable by a non-technical audience.
  • Be able to scope an incident, gain consensus on objectives with customers, and lead a team of incident response consultants during an emergency engagement.
  • Design, lead and participate in Table-Top Exercises with customers.
  • Proactively hunt for adversaries on customer networks leveraging a variety of tools and techniques.
  • Lead and perform Incident Response Readiness Assessments for customers.
  • Draft communications, assessments, and reports that may be both internal and customer facing, to include leadership and executive management.
  • Understanding of different attacks and how best to design custom detection, containment, and remediation plans for customers.
  • Serve as a liaison to different businesses and work with fellow team members and colleagues on other security teams. As needed, manage relationships with business partners, management, vendors, and external parties.
  • Develop and document processes to ensure consistent and scalable response operations.
  • Demonstrate industry leadership through blog posts and public speaking at conferences and events.

Who You Are

Required Skills:

  • Bachelor’s degree in Computer Science or a related technical degree; or equivalent industry experience.
  • Minimum 5 years of experience in information security and 4 years of experience handling incidents.
  • Ability to be on-call and work off-shift hours, to include nights, weekends, and holidays.
  • Industry certifications such as the CISSP, CISM, CISA, GCIH, CFCE, GCFA, and/or GCFE.
  • Willing to travel with less than 24-hour notice, up to 35% of the time.
  • Can clearly communicate the Incident Response Lifecycle and the Kill Chain (Attack) Life Cycle.
  • Detailed understanding of current cyber security threats, attacks, and countermeasures, such as Advanced Persistent Threat (APT), Cyber Crime, Hacktivism and associated tactics.
  • Strong track record of understanding and interest in recognized IT Security-related standards and technologies, demonstrated through training, job experience and/or industry activities.
  • Specialize in host-centric analysis utilizing a variety of tools (e.g., F-Response, X-Ways, Volatility, Cisco AMP).

Why Cisco?

At Cisco, each person brings their unique talents to work as a team and make a difference. Yes, our technology changes the way the world works, lives, plays and learns, but our edge comes from our people. Our People Are The Heart of Cisco.

We connect everything – people, process, data and things – and we use those connections to change our world for the better. We innovate everywhere - from launching a new era of networking that adapts, learns and protects, to building Cisco Services that accelerate businesses and business results. Our technology powers entertainment, retail, healthcare, education and more – from Smart Cities to your everyday devices.

We benefit everyone - We do all of this while striving for a culture that empowers every person to be the difference, at work and in our communities.

Colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Be you, with us! #WeAreCisco

Cisco is proud to be an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

We see inclusion and diversity as essential to fueling the power of connection. Learn about inclusion and collaboration in action at Cisco.

Benefits and Perks

We strive to keep our teams happy and healthy. Many roles have the option to be Remote or Hybrid. Cisco provides competitive pay, excellent medical, dental and vision coverage, 401(k) match, 20 days of paid time off plus holidays, support for parents and paid time to volunteer. View the benefits overview.

Join us! #WeAreCisco

Cisco Covid-19 Vaccination Requirements

The health and safety of Cisco’s employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.

