Cybersecurity Incident & Engagement Manager (CIEM)

CYPFER is a leading first-responder cybersecurity organization enabling clients to swiftly and effectively return to business following a cyber-attack. As a global market leader in ransomware post-breach remediation and cyber-attack first response, we consistently deliver results that exceed market standards for handling cyber-extortion and ransomware events. Our team collaborates with prominent global insurance carriers, leading law firms, and Fortune 1000 businesses. 

We have an exciting opening for a Cybersecurity Incident & Engagement Manager (CIEM), which is a consulting practitioner that is a key participant in our Incident Response teams.  You will play an important role in managing and coordinating the response to cyber incidents, ensuring that they are handled in a timely and effective manner. This position involves working closely with internal and external stakeholders to mitigate risks, minimize damage, and facilitate recovery efforts. This is a client-facing role where you will be responsible for managing cybersecurity incidents on behalf of our clients, including Fortune 500 organizations, ensuring quick resolution and minimizing impact to their operations. The CIEM is responsible for maintaining incident response protocols, managing communication during an incident, and ensuring continuous improvement of incident response processes.

Just like our company, this role is unique, and it is not like any of the regular Project Management positions out there; to succeed you need to possess skills to influence contributors at all levels, have organizational skills to manage engagements from inception to invoicing, set up and run kick-off and status meetings, maintain regular and agile client communications, define and document Standard Operational Processes, control project budgets, improve processes, support quality assurance steps for final deliverables where required and act as an escalation point for engagement issues. 

Our CIEM must enjoy active and regular interaction with technical consultants, lawyers and clients to keep up with our fast-paced high-demand engagements. This is a very engaging and hands-on role that does not allow for dull moments and often requires daily collaboration with our global teams across Europe and North America.

It requires a person that understands the fundamentals of IT infrastructure, proactive security measures, disaster recovery and remediation activities as they relate to information security.

Strong relationship-building ability with our partners within the insurance and legal professions is a must as well as with end-clients. You will have accountabilities for all engagements assigned to you and should be able to manage multiple engagements in parallel, at different stages. You need to possess strong experience working in the Information Technology and/or Security fields and a keen interest in learning about incident response methodologies and underlying forensic and breach response principles.

Your primary responsibility will be to act as the main point of contact for engagement delivery. As an engagement manager in the Cybersecurity field, you are required to possess leadership skills as well as, exceptional time management skills, excellent attention to detail and uncompromising pursuit of quality.

The successful candidate will be responsible for the following:

INCIDENT MANAGEMENT

• Manage and coordinate engagement to address response to cybersecurity incidents, including data breaches, malware infections, system compromises, and other cyber threats.
• Act as the main point of contact during active incidents, ensuring clear and timely communication with internal stakeholders, management, and external parties (e.g., vendors, legal, regulators).
• Collaborate with technical teams to investigate, contain, and mitigate incidents.
• Maintain accurate and up to date records of incidents, including the timeline of events, response actions taken, deliverables, deadlines, and lessons learned.
• Create incident status reports and contribute to post-incident analysis.
• Assist in developing, testing, and refining incident response plans and procedures to ensure they are up-to-date and effective.
• Ensure regulatory and compliance requirements are met throughout the incident lifecycle.
• Support efforts to identify the root cause of incidents and recommend improvements to prevent future occurrences.
• Track incident response metrics, provide status updates, and report on incident trends to management.
• Coordinate and ensure all facets of the incident response process are successfully executed in an organized and trackable manner.
• Enforce our critical incident response SLAs across all team members.
• Identify gaps, risks and opportunities during the incident, and address them to ensure the success of the incident.
• Develop and deliver agile/rapid progress reports, proposals, requirements documentation and presentations to various audiences.
• Create a strong partnership with the Incident Technical Leads to ensure nothing is missed and all engagements are delivered successfully.
• Coordinate, run, and record an incident postmortem

PROJECT MANAGEMENT

• Manage a portfolio of complex initiatives that span one or multiple lines of business
• Collaborate with other teams to ensure agility and eliminate unnecessary delays
• Full engagement life cycle ownership: successful engagement delivery will include full implementation from initiation to deployment for several major or minor initiatives simultaneously
• Manage all aspects of multiple related engagements to ensure the overall program is aligned to and directly supports the achievement of strategic objectives
• Report on success criteria results, metrics, test and deployment management activities
• Prepare budget estimates, projections and detailed engagement plans for all phases and types of engagements
• Effectively and organized management of resources used/needed and deliverables for each stream of the project.
• Control of project budgets, proactive tracking of change management and budget adjustments.
• Provide status reporting regarding milestones, deliverables, dependencies, risks and issues, progress, communicating across leadership and project stakeholders, often daily.
• Understand interdependencies between technology, operations and business needs.
• Manage scope approved and change management process for additional streams.
• Support the Statement of Work process.

JOB REQUIREMENTS

• Work Independently, remotely and with minimal supervision while delivering high-quality output
• Effective delivery of results in a fast-paced engagement environment
• Display an aptitude and desire for continuous learning at the leading edge of security
• Learn, understand and lead the deliverable of all the services CYPFER offers
• Remain current on information security, emerging threat trends, and tools including methodologies to combat the same
• A high degree of comfort in customer-facing/consulting situations
• Travel as needed to customer locations for engagements requiring onsite presence including frequent travel with little notice. The ability to travel internationally may be required
• Flexibility to work with multiple time zones (clients and/or team members)
• Adhere to policies, procedures, and security practices in accordance with assigned customer’s established practices and internal policies
• Excellent written and verbal communication skills, with the ability to convey technical issues to non-technical stakeholders.
• Take meticulous notes and demonstrate strong reporting capabilities with an emphasis on detail
• Open to feedback and learning the company culture
• Ability to manage multiple tasks simultaneously and prioritize effectively under pressure.

LEADERSHIP

• This role will own accountability for the specific engagements assigned
• Support building a strong team
• Ability to lead engagements by managing team members from various technical teams
• Support new services and offerings to the marketplace
• Act as a leader and mentor to junior team members
• Provide on-site leadership for the engagement team by building and motivating team members to meet engagement goals, adhering to their responsibilities and milestones
• Participate in establishing practices, templates, policies, tools and partnerships to expand and mature these capabilities for the organization
• Resolve problems and understand escalation procedures; coordinate escalations and collaborate with client technology teams to ensure timely resolution of issues

EDUCATIONAL AND BACKGROUND REQUIREMENTS:

• Relevant educational background, preferably in a technical field such as Cybersecurity, IT, etc.
• 5+ Years of experience in incident or project management in a consulting role is preferred
• Experience managing high-performance teams and/or technical implementations,
• Work collaboratively with customers and self-manage through difficult situations with a focus on client satisfaction
• Exceptional drive to achieve ambitious goals and tight timelines
• Strong problem-solving skills and attention to detail
• Ability to multitask, balancing multiple projects simultaneously
• Technical and Project Management Acumen
• Proficiency in technical writing & communication for business audiences in English
• Familiar with Agile Kanban methodology
• Ability to respond onsite in a 24/7/365 environment; must be willing to work evenings, overnight, weekends, and holiday hours as in some cases it is required.
• Excellent Communication and Writing skills
• Excellent knowledge of MS Tools: Word, Excel, Visio, Powerpoint, Sharepoint.
• Proficiency in remote communication tools like Zoom, Teams, Slack, Signal, etc.
• Familiar with Project Management tools.
• Any fluency in additional languages is a plus

Schedule:
Evening shifts
Monday to Friday
On call – must do one weekend a month.
Weekend availability
Willingness to travel: 25% (Preferred)