Cybersecurity Incident Response Manager

The Security, Risk, and Compliance division of the National Association of Insurance Commissioners (NAIC) has an exciting opportunity for an Cybersecurity Incident Response Manager that reports to the Security Operations Center Manager. The Cybersecurity Incident Response Manager will lead and manage the incident response process, oversee the performance of a team of security analysts, and manage vendor relationships. 

This position is located in the NAIC’s state-of-the-art offices in Town Pavilion in the heart of downtown Kansas City which includes great restaurants and top-notch entertainment venues. This is a full-time hybrid position in a positive and flexible environment. Residency within 100 miles of the Kansas City, Missouri office is required. 

Responsibilities include: 

• Lead and manage the incident response process, including development of protocol, procedures and playbooks. Coordinate and oversee the response to major security incidents. Ensure timely escalation and communication during incidents. Work with other departments to contain, mitigate and remediate the effects of breaches. Manage vendor relationships. 

• Develop detection to identify and detect suspicious and malicious activity. Investigate activity. Perform root case analysis for incidents, determine how they occurred and prevention tactics. Oversee the analysis of security events and logs to identify threats and incidents. 

• Lead post-incident review and conduct analysis to identify weaknesses and gaps. Document all incidents, response actions taken and prepare reports.  

• Develop and conduct incident response drills and tabletop exercises to assess preparedness. Identify opportunities to improve incident response processes, tools and technologies.  

• Provide expertise and support of state departments. Provide insights on recurring incident types, emerging attack vectors and underlying vulnerabilities. 

• Extensive expertise with Security Information and Event Management (SIEM), Endpoint XDR and Firewall products.  

• Expertise with Microsoft Office tools, including Word, Excel, and PowerPoint.  

• Familiarity with industry security standards (NIST 800-53, ISO 27001/27002, COBIT, PCI-DSS, HIPAA / HITECH) a plus.   

Management Responsibilities 

This position is responsible for the performance of a team of security analysts. 

Travel Requirements 

• This position could require, out-of-state, overnight travel in support of member meetings and events throughout the year. An ideal candidate must be able and willing to travel to locations throughout the United States and with such frequency as necessary to meet the needs of this position and the Association. 

Minimum Education and/or experience required: 

• Bachelor’s degree from four-year college or university program and 5 years security related experience or an equivalent combination of education and experience in Security Incident Response. 

Preferred Certifications: 

• Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), or EC-Council’s Certified Incident Handler (E|CIH) are preferred. 

Compensation: 

$105,151- $140,000, commensurate with education and experience