Incident Response Manager - Cyber Security
At Palo Alto Networks® everything starts and ends with our mission:
Being the cybersecurity partner of choice, protecting our digital way of life.
We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.
We are seeking a motivated security expert who will be part of a special incident response team and play a critical role in assisting customers to triage security events, including investigation of technical details and coordination with multiple cross-functional stakeholders - from company CSO’s and professional services consultants to our world-class threat research team.
This is a unique opportunity to be a part of a team that is at the center of upholding the company’s mission, sharing and influencing best practices, and aiding customer organizations as they seek a trusted partner to navigate unique and time-sensitive security incidents.
Do you have quick-thinking skills, inquisitive nature, ability to quickly assess unique situations, draw conclusions on limited data, determine best recommended next steps, and report out key facts, lessons learned and actions completed on each incident.? Including identifying trends over time that can help influence how the team grows and the company invests to further assist customers.
- Lead investigations by assisting customers to analyze security alerts and coordinating response activities
- Serve as POC for triaging and quarter-backing unique customer security incidents
- Gather event intelligence and indicators of compromise to assess incident severity, and recommend appropriate cross-functional stakeholders for assistance
- Follow through on recommended actions, and with engaged partners to drive incident resolution
- Track lessons learned and detection gaps to inform best-practices and R&D roadmap
- Produce clear, accurate and detailed reports, as well as concise executive summaries, on each incident for account teams, executives and all appropriate constituents
- Closely monitor security industry news for noteworthy incidents and take the initiative to contact associated account teams and assess events for appropriate action
- Identify and implement mechanisms to streamline information gathering and speed the process by which key information is disseminated to key constituents and incident is resolved
- Initiate, drive and participate in efforts to educate internal colleagues at all department levels on the philosophies, processes, and practices of the incident response team
- Work directly with international support and communications colleagues to ensure 24x7 assistance can be provided as needed
- Minimum 5+ years working in a security-focused or analyst role
- Experience with security incident management in medium to large organizations
- Knowledge of Palo Alto Networks products
- Strong understanding of security operations: perimeter defense, forensics, incident response, kill chain analysis and risk assessments
- Advanced knowledge of network analysis tools such as Wireshark, TCPDump, and Scapy
- Strong written and verbal skills are required
- Working knowledge of malware analysis, including construction, usage and detection techniques
- Scripting experience and experience developing or integrating security tools using APIs
- Solid grasp of security industry terms, trends and technologies with the ability to translate technical information into meaningful and actionable points
- Ability to work under pressure and deliver quality summaries against tight deadlines
- A collaborative and flexible personality that allows for building strong relationships across the company and different international colleagues
- Familiarity with Salesforce.com is preferred
- Flexibility and a sense of urgency with regards to timely communications that may require flexible work hours and accommodation for interactions across various time zones
Our Customer Support team is critical to our success and mission. As part of this team, you enable customer success by providing support to clients after they have purchased our products. Our dedication to our customers doesn’t stop once they sign – it evolves. As threats and technology change, we stay in step to accomplish our mission.
You’ll be involved in implementing new products, transitioning from old products to new, and will fix integrations and critical issues as they are raised – in fact, you’ll seek them out to ensure our clients are safely supported. We fix and identify technical problems, with a pointed focus on providing the best customer support in the industry.
We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at email@example.com.
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.