The Salvation Army USA Eastern Territory
Cyber Incident Manager
The Salvation Army USA Eastern Territory, West Nyack, New York, United States, 10994
Overview
This role is located in West Nyack, New York and requires approximately 35 hours of work per week with a hybrid work arrangement (3 days onsite/2 days remote) after three months of employment.

Base pay range: $95,000.00/yr - $100,000.00/yr

The Salvation Army, an international movement, is an evangelical part of the universal Christian Church. Its message is based on the Bible. Its ministry is motivated by the love of God. Its mission is to preach the gospel of Jesus Christ and to meet human needs in His name without discrimination. We are the largest non-governmental provider of social services in America and every year, we help over 30 million Americans overcome poverty, homelessness, addiction, economic hardships, loneliness, and exploitation through a wide range of programs and services.

The Information Technology department has an opportunity for a Cyber Incident Manager position. The Cyber Incident Manager will lead the response to cyber incidents, ensuring they are handled promptly and efficiently to minimize damage and reduce recovery time and costs. They play a pivotal role in coordination with various internal and external stakeholders to manage the incident lifecycle from preparation to post-incident review through identification, containment, eradication, recovery, and lessons learned. This position is integral to the cybersecurity framework, serving as the frontline defense against incidents that can compromise sensitive data, disrupt business operations, and damage the organization’s reputation. The Cyber Incident Manager is not just a technical role. The role is a strategic position that requires a blend of technical acumen, leadership skills, and business understanding to appropriately address incidents while maintaining customer engagement. This individual is critical in ensuring the organization's resilience against ever-evolving cyber threats.
We are seeking a candidate based in the West Nyack area who can contribute to our cybersecurity posture and incident response program.

Responsibilities
- Incident Leadership: The Cyber Incident Manager is responsible for taking command during cybersecurity events, orchestrating response efforts, and promptly addressing incidents. This involves quick decision-making, prioritizing tasks, and directing response teams effectively.
- Strategic Planning and Preparedness: Develop, maintain, and regularly update incident response plans; conduct risk assessments and tabletop exercises to anticipate threats and vulnerabilities.
- Coordination and Collaboration: Coordinate with internal departments (IT, Legal, HR, Public Relations) and external entities (law enforcement, cybersecurity firms, regulatory bodies) for a holistic incident management approach.
- Technical Expertise and Analysis: Understand the cyber threat landscape, analyze incident patterns, and provide insights to improve the organization’s cybersecurity posture.
- Stakeholder Engagement: Communicate with executives and stakeholders, translating technical incidents into understandable terms and advising on actions and implications for the business.
- Continuous Improvement and Learning: Perform post-incident analysis to refine systems, processes, and training; stay informed on new technologies and methods in cybersecurity.
- Regulatory Compliance and Documentation: Ensure activities comply with legal/regulatory requirements; maintain records for audits and improvement.
- Risk Mitigation: Contribute to reducing risk and impact of cyber threats.
- Operational Continuity: Ensure rapid and efficient response to incidents to minimize downtime and preserve business operations.
- Compliance and Trust: Adhere to standards and maintain trust among clients, partners, and regulatory bodies.

Qualifications
- Bachelor's degree from a four-year college or university.
- 3-5 years of related experience.

Technical Skills:
- Digital Forensics & Incident Response (DFIR)
- Security Information and Event Management (SIEM) (e.g., Splunk, Sentinel, QRadar)
- Intrusion Detection/Prevention Systems (IDS/IPS)
- Endpoint Detection & Response (EDR) (e.g., CrowdStrike, Darktrace, SentinelOne)
- Network Traffic Analysis & Packet Capture (Wireshark, etc.)
- Malware Analysis & Reverse Engineering (basic to intermediate)
- Log Correlation and Threat Hunting
- Firewall, Proxy, and IDS Log Analysis (e.g., Fortinet, Meraki)
- Threat Intelligence Integration and Analysis
- Email Header and Phishing Analysis
- Security Orchestration, Automation, and Response (SOAR) platforms (e.g., Palo Alto XSOAR, Swimlane)
- Forensics Tools: EnCase, FTK, Autopsy, Volatility
- Threat Intel Platforms: Recorded Future, ThreatConnect, MISP
- Ticketing Systems: ZenDesk, ServiceNow, Jira, Remedy
- Framework Proficiency: Incident Response Lifecycle (NIST SP 800-61, PICERL model); Knowledge of MITRE ATT&CK Framework
- Vulnerability Management & Prioritization
- Disaster Recovery & Business Continuity Planning (e.g., DR/BC, BIA)
- Risk Assessment & Gap Analysis
- Change Control and Root Cause Analysis (RCA)
- Regulatory, Compliance, and Privacy Awareness: HIPAA, PCI-DSS, NY SHIELD, GDPR, CCPA, CJIS, etc.; SOX ITGC Controls and Audit Support
- Cyber Insurance (CLI) & Legal Considerations in Breach Response
- Chain of Custody and Evidence Handling
- Leadership and Management Skills
- Relevant certifications (e.g., CISSP, CISM, GCIH, GCFA, CRISC)
- Collaboration: Confluence, MS Teams, Slack, Monday.com
- Strong leadership and decision-making; Excellent communication and interpersonal skills
- Ability to work under pressure and handle crises effectively

All qualified applicants will receive consideration for employment without regard to race, color, sex, national origin, disability or protected veteran status.

Job details
- Seniority level: Mid-Senior level
- Employment type: Full-time
- Job function: Information Technology
- Industries: Non-profit Organizations

Benefits
- Generous Medical, Dental, Vision Benefits
- TSA paid Life Insurance for Employees
- Additional life insurance options for employees
- On-site cafeteria
- Paid Time Off – Vacation, Sick, Personal day
- 403(b) retirement savings plan
- Non-contributory Pension Plan
- Professional Development
- Free, on-site Fitness Center
- Federal holidays
- Opportunities to give back and support our communities

Referrals increase your chances of interviewing at The Salvation Army USA Eastern Territory.