Title:  Cyber Security Incident Response Manager

We are JTI, Japan Tobacco International, and we are present in 130 countries. We have spent years innovating, creating new and better products for the consumers to choose from. This is our business. But not only. Our business is our people. Their talent. Their potential. We believe that when they are free to be themselves, and they are given the opportunity to grow, travel and develop, amazing things can happen.

That’s why our employees, from around the world, choose to be a part of JTI. It is why 83% of employees feel happy working at JTI. And why we’ve been awarded Global Top Employer status, nine years running. 

So when you’re ready to choose a career you’ll love, in a company you’ll love, feel free to #JoinTheIdea. 

Learn more: jti.com

If you would like to know more about JTI Iberia, please follow the link.

Cyber Security Incident Response Manager

What this position is about - Purpose:

With growing number of Security Incidents and in order to improve Incident Response process, the Security Operations Centre needs to assign a Tier 3 Incident Manager who will be able to quickly identify the true cause of a cyber incident, determine the span of a compromise and provide practical advice to fix and prevent the problems and if required, to assist with recovering critical data and services. 

What will you do - Responsibilities: 

Cyber Incident Response:

• Responsible for leading rapidly evolving incident response engagements as a key technical expert and member of the Security Operations Center (SOC), assisting and responding to incidents in coordination with the SOC team members and other involved parties
• Acts as subject matter expert on forensic artifacts (network and host-based) as they pertain to system compromises and malware infections. Provides written summaries and analysis of incidents, write clear and concise incident investigation reports for management review

Forensic Investigations (Host and Network):

• Conducts and/or supervises computer forensic examinations to include the collection, preservation, processing, and analysis of digital evidence. Substantiates or disproves investigative allegations through adherence to the highest level of industry standards associated with the forensic examination of digital media

Prevention:

• Provide tailored remediation and counter-measure recommendations to the Technical Security Center and employees security awareness content

Knowledge management:

• Monitor Security Industry trends on new threats. Develop JTI current and forward-looking threat profile and recommendations for baseline security configurations for operating systems, applications, and networking equipment

• Coordinates of the Incident Response activities in EMEA region as a Team Lead of a team of two people providing guidance, support, and mentorship. Ensures that they are provided with necessary tools, permissions and materials to perform daily activities in scope of the service

• Foster a positive and collaborative work environment that encourages teamwork and individual growth. Set clear performance expectations and goals for team members. Conduct regular performance reviews and provide constructive feedback to enhance individual and team performance

Who are we looking for - Requirements:

• University degree in Computer Sciences, Information Systems, or related field or relevant experience
• 2 years of experience in Cyber Security Incident Response and Digital Forensics
• Excellent working knowledge of security monitoring, investigation and forensic principles, techniques, and processes 
• Analytical/problem solving ability
• Process management and Standard/Procedures literacy
• Management skills
• Change management skills
• Fluent English written and spoken

Thank you very much for your interest in the role. You are welcome to apply.