Caesars Entertainment
Director Incident Response
The Director Incident Response plays a critical role in identifying, investigating, and mitigating cybersecurity incidents. This position requires deep technical expertise in digital forensics, threat hunting, and incident response, along with the ability to communicate findings to both technical and executive audiences.

Key Job Functions:
- Lead forensic investigations and incident response efforts across enterprise environments
- Perform malware analysis and reverse engineering to understand attacker TTPs
- Develop and refine incident response playbooks and threat detection logic
- Conduct threat hunting missions and log analysis across diverse platforms
- Prepare detailed reports and executive briefings on security incidents
- Collaborate with SOC, detection engineering, and threat intelligence teams
- Stay current with emerging threats and security technologies

Education and/or Experience and Qualifications:
- 6-10 years in cybersecurity, with at least 35 years in DFIR roles
- Proficiency with forensic tools (e.g., EnCase, FTK, X-Ways), SIEMs, and EDR platforms
- Familiarity with MITRE ATT&CK, NIST 800-61, and IR frameworks
- Bachelor's or Master's degree in Cybersecurity, Computer Science, or related level of experience.
- Preferred certifications: GCFA, GCIH, GREM, or equivalent