Incident Commander, Talos Incident Response

  • Location:
    Krakow, Poland
  • Area of Interest
    Customer Experience
  • Job Type
    Professional
  • Technology Interest
    Security
  • Job Id
    1379478



We understand from experience that not ticking every box on the skills sections stops many from applying. You should apply if you feel you are the right person for the job and have the ability to learn and deliver results.


Cisco Talos is the threat intelligence organization at the center of the Cisco Security portfolio. We are an elite group of security specialists dedicated to providing outstanding protection to customers with our products and services.


What You’ll Do

The Cisco Talos Incident Commander will work within established methodologies to perform a variety of Incident Response related activities for Cisco customers, including emergency response to cyber incidents. From time to time, it will also include proactively hunting for adversaries in customer networks, crafting and performing Table-Top Exercises, and performing IR Readiness Assessments. You will also be responsible for leading and working on projects that will support tactical and strategic business objectives. Demonstration of leadership abilities, clear and concise communication with a variety of stakeholders, ability to lead during a crisis, personal agility to adapt to changing environments, and a strong comprehension of malware, emerging threats and calculating risk will be critical to success.


Who You’ll Work With

When you work with us, you’ll be part of a distributed team of highly empowered Incident Response and Cyber Threat Intelligence professionals who work as a collaborative team passionate about helping our clients be both better prepared to defend against adversaries on their network, as well as responding to active incidents within their network.


Who You Are

Both your clients and your colleagues consider you a personable, articulate individual, and a born diplomat. You check your ego at the door and learn from others constantly, while also helping to educate those who aren’t as proficient as you are in technical or procedural topics. As a result, you have a track record of working tirelessly to help your clients and teammates and have even come up with some novel techniques in your time.


Required Skills:

  • Respond to global cyber incidents caused by internal and external threats to our customers; this may involve flexible working hours.
  • Must be willing to routinely travel with less than 24-hour notice, up to 35% of the time, be on-call and work off-shift hours, to include nights, weekends, and holidays
  • Can clearly communicate the Incident Response Lifecycle and the Kill Chain (Attack) Life Cycle.
  • Demonstrate capability to map technical findings to business impacts and communicate those in a manner which is understandable by a non-technical audience.
  • Be able to scope an incident, gain consensus on objectives with customers, and lead a team of incident response consultants during an emergency engagement.
  • Specialize in host-centric analysis using a variety of tools (e.g. F-Response, X-Ways, Volatility, Cisco AMP)
  • Design, lead and participate in Table-Top Exercises with customers
  • Proactively hunt for adversaries on customer networks using a variety of tools and techniques
  • Lead and perform Incident Response Readiness Assessments for customers
  • Draft communications, assessments, and reports that may be both internal and customer facing, to include leadership and executive management
  • Understanding of different attacks and how best to design custom detection, containment, and remediation plans for customers
  • Serve as a liaison to different businesses and collaborate with fellow team members and colleagues on other security teams. As needed, develop relationships with business partners, management, vendors, and external parties
  • Lead projects as required
  • Demonstrate industry leadership through blog posts and public speaking at conferences and events
  • Bachelor's degree in Computer Science or a related technical degree, or equivalent industry experience.
  • Minimum 5 years of experience in information security and 4 years of experience handling incidents


Desired Characteristics:

  • Detailed understanding of current cyber security threats, attacks, and countermeasures, such as Advanced Persistent Threat (APT), Cyber Crime, Hacktivists and associated tactics
  • Solid grasp and curiosity about recognized IT Security-related standards and technologies, demonstrated through training, job experience and/or industry activities.


IT Security Certifications

Industry certifications such as the CISSP, CISM, CISA, GCIH, CFCE, GCFA, and/or GCFE


Why Cisco

We connect everything: people, processes, data, and things. We innovate everywhere, taking bold risks to craft the technologies that give us smart-cities, connected cars, and handheld hospitals. And we do it in style with unique personalities who aren’t afraid to change the way the world works, lives, plays and learns. We celebrate the creativity and diversity that fuels our innovation. We are dreamers and we are doers.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Cisco Covid-19 Vaccination Requirements
The health and safety of Cisco's employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.
