Description
We are looking for a Cyber Incident Response Commander to join our team of consultants in Montreal office.
This position is remote.
Cyber Incident Response Commanders are professionals who are responsible for investigating and responding to security incidents within an organization. They are responsible for identifying, containing, and mitigating security threats and vulnerabilities. Incident Response Commanders work closely with other information security professionals to ensure that an organization’s security posture is maintained.
The Incident Response Commander reports to the Incident Response Manager.
Tâches

As an Incident Response Commander within the CMA CGM group CERT, you will:

• Maintain documentation and process particularly the incident response plan (IRP):

o Maintain up to date IRP & appendix
o Maintain the Plan in relationship with other plans and policies in effect
o Refine the specific incident playbooks so that each actor is as relevant as possible
o Improve process with legal, communication departments
o Write IRPs contextualized to a specific scope (Ships, Region, Subsidiaries…)
o Regroup lessons learned and provide improvement recommendations
o Establish links between incidents

o Provide evidence to external or internal auditors

• Manage information security incidents:

o Assume the Incident Commander role, bringing business and technical units to the table
o Assess the incident severity
o Declare major incidents officially based on risk and regulation criteria
o Manage incidents according to the Plan and the included playbooks
o Ensure each team member operates within their defined responsibilities and collaborates effectively with others
o Prioritize Forensic activities
o Analyse & prioritise Incidents
o Follow mitigation & recovery

o Communicate, notify, report

• Other responsibilities:

o Participate to Cyber Defense Center transversal collaboration activities
o Participate to projects, improvements and compliance efforts related to CERT matters
These activities are non-exhaustive and can evolve according to operational needs.
Exigences

You profile corresponds to the following criteria:

• You hold relevant cybersecurity industry certifications, including:

Please refer the Job description for details