Incident Remediation Manager - Deloitte Global (Firm Internal)

Deloitte Touche Tohmatsu Limited (Deloitte Global) provides services to Deloitte member firms across the globe. DTTL personnel work on complex business projects that connect and serve Deloitte member firm practitioners across the world.
The Incident Remediation Manager will support the Global Information Security Office in incident remediation activities and will be responsible for leading the team of incident remediation analysts. As a team leader, they will provide oversight and guidance on all activities relating to incident remediation including triage, evaluation, coordination and executive reporting. Will need to build people and talent within your team including coaching, mentoring and counselling. Should have a strong understanding of security operations concepts, vulnerability management and incident remediation within a complex global organization. You will need to have a fundamental understanding of vulnerability management and how active threats utilize vulnerabilities. This role works closely with the Incident Response and Threat Intelligence teams to assist in identifying and remediating threats among our member firm network. Will be responsible for coordinating incident remediation tasks, writing and setting standards relating to incident remediation and associated procedures. Will need to have strong communication skills and public speaking skills to contribute to and deliver presentations to member firm leadership.
Should have an advanced understanding of incident lifecycle, working knowledge of open source and COTS analysis tools and the ability to navigate both Windows and UNIX based systems. Additional experience preferred around incident management and related concepts.
This role offers flexibility in working arrangements through multiple shifts, including 6a-3p, 8a-5p and 11a-8p. At times, the shift may change to provide coverage for team members attending training, PTO or firm holidays. Participating in an on-call rotation would be required and typically is one out of every eight weeks. (6-7 times per year.)
Illustrative Duties and Responsibilities:
Will act as the leader of the incident remediation team and coordinate with both the cyber threat intelligence and incident response leaders to handle inquiries, presentations and technical incident updates.
Will be responsible for the day to day operations of the team leading cases towards resolution by developing and executing a remediation workflow when engaged by the incident response team.
Responsible for creating incident remediation workflow, ensuring best practices are implemented and followed and documentation is prepared to support global incidents covering one or multiple member firms.
Assist in training of team members in remediation, data analysis and vulnerabilities where necessary based on tools used and potential solutions to summarize, analyze and present findings in easy to consume reports.
Will be required to participate in technical investigations to support and assist incident response coordinators within multiple environments by assisting in the identification of threats, remediation of identified incidents, and validation of security incidents and events.
Required Technical Skills:
Must have strong leadership experience in a high paced complex IT environment. Ability to lead and work with remote team members, proven remediation and incident response background.
Should have advanced knowledge of incident remediation within Windows and Macintosh operating systems, embedded systems, networking devices and Linux/UNIX. Must have excellent written, communication and verbal skills to assist with communications with other teams and writing executive summaries based on work output. Ability to work with and translate complex scenarios into a simplistic manner for non-technical resources (General Counsel, Project Management, etc.) Familiarity with threat management frameworks and cyber threat intelligence collection.
May require operational experience with firewalls, routers, switches, various commonly used operating systems (Windows, Linux, UNIX), common attack tools, and vulnerability detection/management tools. Strong background in security incident response, vulnerability management, system operations, and cyber intelligence a plus. Candidates should have a strong proficiency in written and spoken English.
Required Licenses, Certifications, and Other Requirements:
SANS GCIH, GCIA, GCED, Network+, Security+, ArcSight, or other industry-relevant cyber-security certifications are a plus.
Education & Experience:
Bachelor's Degree or equivalent industry experience; minimum 5-7 years Information Security experience with minimum 3 years team lead experience.
Some ability to work non-standard shifts and/or on-call to support the requirements of the organization
We recruit, employ, train, compensate and promote without regard to race, religion, creed, color, citizenship, national origin, age, sex, gender, gender identity/expression, sexual orientation, marital status, disability, genetic information, veteran status or any other legally protected basis, in accordance with applicable federal, state, or local law.
Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site ( or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Incident Response Manager - Deloitte Global (F...
Arlington, VA Deloitte & Touche L.L.P.
Incident Remediation Manager- PERMANENT
McLean, VA The Judge Group, Inc.
Sector Knowledge Management Leader, Telecommun...
McLean, VA Deloitte & Touche L.L.P.
Sector Knowledge Management Leader, Telecommun...
Arlington, VA Deloitte & Touche L.L.P.